Truvis / Splunk_TA_Truvis_Suricata5Links
This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup a Suricata Port Mirrored Server
☆15Updated 4 years ago
Alternatives and similar repositories for Splunk_TA_Truvis_Suricata5
Users that are interested in Splunk_TA_Truvis_Suricata5 are comparing it to the libraries listed below
Sorting:
- Downloading Splunk, made easy through scripts☆23Updated last month
- An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.☆16Updated 3 years ago
- Corelight@Home script☆43Updated last year
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- MineMeld nodes for MISP☆19Updated last year
- Run zeek with zeekctl in docker☆55Updated 11 months ago
- Collection of Dashboards for Threat Hunting and more!☆68Updated 4 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Updated 4 years ago
- Incident Response Network Tools☆24Updated 4 years ago
- Shell script to download apps from Splunkbase☆23Updated 5 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- Coding examples for the OpenDNS Investigate API☆24Updated 5 years ago
- Snapshot, patch, health-check, and potentially roll-back Windows VMs☆34Updated 7 years ago
- This repo represents work the Phantom Community collaborates on to build apps and learn.☆13Updated 4 years ago
- ☆34Updated 4 years ago
- A community event for security researchers to share their favorite notebooks☆108Updated last year
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated last week
- ☆34Updated 2 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago
- The FASTEST way to consume threat intel.☆68Updated 2 years ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated 2 years ago
- incident response scripts☆19Updated 6 years ago
- ☆42Updated 2 years ago
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Updated 6 years ago
- Run Velociraptor on Security Onion☆39Updated 3 years ago
- Various Splunk Scripts and applets, all in one place☆33Updated last week
- A free incident response management and documentation workbook☆25Updated 6 years ago
- A Splunk technology add-on for osquery☆14Updated 4 years ago
- Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook☆53Updated 5 years ago