alias454 / graylog-zeek-content-packLinks
BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
☆20Updated 5 years ago
Alternatives and similar repositories for graylog-zeek-content-pack
Users that are interested in graylog-zeek-content-pack are comparing it to the libraries listed below
Sorting:
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Security Onion Elastic Stack☆46Updated 4 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 10 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- Network Forensics Bro scripts & pcap samples☆62Updated 11 years ago
- brocon-15 scripts☆13Updated 8 years ago
- Build Automated Machine Images for MISP☆28Updated 2 years ago
- Detect Phishing with Bro IDS☆18Updated 8 years ago
- automate your MISP installs☆68Updated 5 years ago
- A RESTful API frontend for Stenographer☆54Updated 2 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆34Updated 6 years ago
- Home to the ActorTrackr source code☆24Updated 8 years ago
- CIFv3 DeploymentKit☆64Updated 5 years ago
- Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses☆101Updated 5 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆28Updated last year
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 9 months ago
- Python script to automatically create sigma rules from The hive observables☆25Updated 6 years ago
- A collection of bro_scripts and signatures☆26Updated 6 years ago
- ☆49Updated 4 years ago
- An informational repo about hunting for adversaries in your IT environment.☆14Updated 8 years ago
- ☆38Updated 6 years ago
- Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...☆72Updated 6 years ago
- ☆13Updated 5 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Updated 7 years ago
- ☆24Updated 5 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago