alias454 / graylog-zeek-content-packLinks
BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
☆19Updated 5 years ago
Alternatives and similar repositories for graylog-zeek-content-pack
Users that are interested in graylog-zeek-content-pack are comparing it to the libraries listed below
Sorting:
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Build Automated Machine Images for MISP☆28Updated 2 years ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 10 years ago
- Security Onion Elastic Stack☆46Updated 4 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆34Updated 6 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Updated 7 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 6 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- An informational repo about hunting for adversaries in your IT environment.☆14Updated 8 years ago
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 10 months ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆54Updated last week
- This repository is a curated list of pro bono incident response entities.☆21Updated 2 years ago
- CIFv3 DeploymentKit☆64Updated 5 years ago
- automate your MISP installs☆68Updated 5 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago
- Detect Phishing with Bro IDS☆19Updated 8 years ago
- Python script to automatically create sigma rules from The hive observables☆25Updated 6 years ago
- Network Forensics Bro scripts & pcap samples☆63Updated 11 years ago
- brocon-15 scripts☆13Updated 8 years ago
- ☆13Updated 5 years ago
- ☆38Updated 7 years ago
- Mass static malware analysis tool☆95Updated 3 years ago
- Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...☆72Updated 6 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- A collection of typical false positive indicators☆55Updated 4 years ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆17Updated 6 years ago
- Home to the ActorTrackr source code☆24Updated 8 years ago