Truvis / Splunk_TA_Truvis_Suricata5Links
This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup a Suricata Port Mirrored Server
☆15Updated 5 years ago
Alternatives and similar repositories for Splunk_TA_Truvis_Suricata5
Users that are interested in Splunk_TA_Truvis_Suricata5 are comparing it to the libraries listed below
Sorting:
- Corelight@Home script☆44Updated last year
- An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.☆16Updated 3 years ago
- Incident Response Network Tools☆24Updated 4 years ago
- Downloading Splunk, made easy through scripts☆24Updated last month
- MineMeld nodes for MISP☆19Updated last year
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Updated 4 years ago
- Collection of Dashboards for Threat Hunting and more!☆69Updated 4 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆40Updated 3 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- ☆34Updated 2 years ago
- A collection of tips for using MISP.☆74Updated 9 months ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆34Updated 5 years ago
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM☆16Updated 2 months ago
- Integrate Zeek with Alienvault OTX☆25Updated 5 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- A community event for security researchers to share their favorite notebooks☆108Updated last year
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated 2 years ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated this week
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆54Updated last week
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 4 years ago
- ☆53Updated 3 years ago
- ☆34Updated 4 years ago
- incident response scripts☆19Updated 6 years ago
- ☆42Updated 2 years ago
- Elastic Beat for fetching and shipping Office 365 audit events☆68Updated 5 years ago
- Crowdstrike response script containing various functions for IR/triage☆12Updated 4 years ago