Alternatives and similar repositories for elastic-releases:

Users that are interested in elastic-releases are comparing it to the libraries listed below

• blookot / rsa2elk
  Converts Netwitness log parser configuration to Logstash configuration
  ☆20Updated 4 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 months ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Updated 2 years ago
• LogCraftIO / logcraft-cli
  Detection-as-Code CI/CD pipeline for modern security tools (SIEM, EDR, XDR, ...)
  ☆17Updated last week
• elastic / elastic-agent-shipper
  Data shipper for the Elastic Agent - single, unified way to add monitoring for logs, metrics, and other types of data to a host.
  ☆9Updated last year
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 3 years ago
• ryanplasma / awesome-splunk-phantom
  A collection of awesome resources built for and around the Splunk Phantom platform.
  ☆15Updated 4 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆30Updated last month
• CIRCL / pcapdj
  pcapdj - dispatch pcap files
  ☆46Updated 4 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 4 years ago
• ipworkx / ecs-suricata
  ☆12Updated 4 years ago
• elastic / elastic-integration-corpus-generator-tool
  Command line tool used for generating events corpus dynamically given a specific integration
  ☆23Updated last month
• stahler / QRadar
  Using QRadar API
  ☆20Updated 6 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 3 years ago
• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆29Updated 2 years ago
• ElasticSA / elsec_dr2an
  Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
  ☆20Updated last year
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• doksu / TA-jsontools
  JSON Tools Technology Add-On for Splunk
  ☆10Updated 3 years ago
• cudeso / misp-training-environment
  Setting up a training environment for MISP
  ☆11Updated 2 years ago
• IBM / qradar-monitor-device-events
  Monitor device events using QRadar
  ☆22Updated last year
• HKcyberstark / wazuh-ecs
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆27Updated 4 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated last year
• ncsa / bro-doctor
  ☆23Updated 4 years ago
• neu5ron / es_stk
  ☆13Updated 2 years ago
• stratosphereips / netflowlabeler
  A configurable rule-based labeling tool for network flow files.
  ☆16Updated last year
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 7 months ago
• elastic / security-action-examples
  This repository contains a few examples of actions that can be added to rules within Elastic Security.
  ☆22Updated 2 years ago
• eCrimeLabs / cratos-fastapi
  The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such…
  ☆13Updated this week