alias454 / graylog-zeek-content-pack
BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
☆19Updated 4 years ago
Alternatives and similar repositories for graylog-zeek-content-pack:
Users that are interested in graylog-zeek-content-pack are comparing it to the libraries listed below
- brocon-15 scripts☆13Updated 7 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 9 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- scan-detection policies for bro☆15Updated 2 months ago
- Bro Intel Feed Linter☆26Updated 5 years ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- Detect Phishing with Bro IDS☆18Updated 8 years ago
- Python script to automatically create sigma rules from The hive observables☆24Updated 6 years ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆17Updated 6 years ago
- An informational repo about hunting for adversaries in your IT environment.☆14Updated 7 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- ☆48Updated 4 years ago
- Script for generating Bro intel files from pdf or html reports☆76Updated 9 years ago
- Quickly generate snort rules for IOCs☆18Updated 9 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Home to the ActorTrackr source code☆24Updated 7 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- ☆14Updated 11 months ago
- Honeypot log processor to create OTX Pulse entries☆28Updated last year
- IntelMQ command line tool to process events and send out email notifications.☆9Updated last week
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Updated 7 years ago
- ☆23Updated 4 years ago
- ☆12Updated 5 years ago
- Python script to pull various IOCs from PDFs☆15Updated 10 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆17Updated 8 years ago
- Top DNS Measurement for Bro☆11Updated 4 years ago
- Network Forensics Bro scripts & pcap samples☆62Updated 11 years ago
- References for FIRST CTI 2019 Symposium presentation☆22Updated 6 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago