ait-aecid / logdata-anomaly-miner
This tool parses log data and allows users to define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and the lowest possible permissions, making it suitable for use on production servers.
☆89 · Updated 2 weeks ago
Alternatives and similar repositories for logdata-anomaly-miner
Users that are interested in logdata-anomaly-miner are comparing it to the libraries listed below
- A completely automated anomaly detector for Zeek network flow files (conn.log) ☆82 · Updated 4 months ago
- (no description) ☆25 · Updated 4 years ago
- A method for grouping, clustering, and merging semi-structured alerts ☆24 · Updated last year
- SecureBERT is a domain-specific language model to represent cybersecurity textual data. ☆109 · Updated last year
- A Zeek script to generate features based on timing, volume and metadata for traffic classification. ☆59 · Updated 5 years ago
- Open source endpoint agent providing host information to Zeek. [v2] ☆90 · Updated 3 weeks ago
- (no description) ☆127 · Updated 5 years ago
- A Novel and Modular Solution for Extracting All STIX Objects in CTI Reports ☆26 · Updated 2 years ago
- Repository for creating different example Suricata data sets ☆36 · Updated 6 years ago
- SMET: Semantic Mapping of CVE to ATT&CK and its Application to Cybersecurity ☆51 · Updated last year
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb… ☆101 · Updated last month
- Insider threat detection with a heterogeneous graph on the CERT dataset. ☆27 · Updated 3 years ago
- This repository hosts community-contributed Kestrel analytics ☆18 · Updated last year
- Generate JSON force-directed/node graph data from MITRE's ATT&CK framework and visualize it interactively ☆38 · Updated 7 months ago
- Argus Sensor ☆72 · Updated last month
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic ☆45 · Updated last year
- A library and command line tool for extracting indicators of compromise (IOCs) from security reports in PDF, HTML, Word, or text format ☆47 · Updated last week
- PyTorch implementation of DeepLog: Anomaly detection and diagnosis from system logs through deep learning ☆262 · Updated last year
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling ☆33 · Updated last year
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more) ☆92 · Updated 7 months ago
- Open Source Tool - Cybersecurity Graph Database in Neo4j ☆66 · Updated 2 years ago
- A Python app to predict ATT&CK tactics and techniques from cyber threat reports ☆128 · Updated 2 years ago
- Sagan is a multi-threaded, high performance log analysis engine. At its core, Sagan is similar to Suricata/Snort but with logs rather th… ☆190 · Updated 2 months ago
- Security Analytics enables users to detect security threats in their security event log data. It will also allow them to modify/tailo… ☆91 · Updated this week
- Extracting Attack Behavior from Threat Reports ☆79 · Updated 2 years ago
- AttacKG: Constructing Knowledge-enhanced Attack Graphs from Cyber Threat Intelligence Reports ☆174 · Updated 2 years ago
- This use case aims to leverage stream reasoning techniques and the concept of semantic importance to detect one attacking type of the ins… ☆22 · Updated 8 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au… ☆84 · Updated last week
- Official ID2T repository. ID2T creates labeled IT network datasets that contain user-defined synthetic attacks. ☆64 · Updated 2 years ago
- Log Anomaly Detection - Machine learning to detect abnormal event logs ☆340 · Updated 2 years ago