blookot / rsa2elkLinks
Converts Netwitness log parser configuration to Logstash configuration
☆20Updated 4 years ago
Alternatives and similar repositories for rsa2elk
Users that are interested in rsa2elk are comparing it to the libraries listed below
Sorting:
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Updated 4 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated 3 weeks ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆54Updated last week
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.☆16Updated 3 years ago
- Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common …☆27Updated 11 months ago
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…☆15Updated 4 years ago
- ☆18Updated 3 years ago
- WebUI of MineMeld☆43Updated 2 years ago
- Meraki MX Logstash configurations☆16Updated 2 years ago
- ☆48Updated this week
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- MineMeld nodes for MISP☆19Updated last year
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆22Updated 5 months ago
- Read only mirror. To contribute or submit issues, please go to the website link --->☆14Updated last year
- Downloading Splunk, made easy through scripts☆20Updated 4 months ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- Documentation used for Shuffle☆19Updated this week
- Detection-as-Code CI/CD pipeline for modern security operations (SIEM, EDR, XDR, ...)☆21Updated 2 months ago
- Zeek support for Community ID flow hashing.☆36Updated 2 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 4 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆28Updated last year
- Pep up your Windows Event Collector (WEC) for Windows Event Forwarding (WEF)☆19Updated 3 years ago
- Contains log samples and configuration files for the Tactical Data Handling at Scale with Logstash course☆10Updated 5 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 4 years ago
- Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook☆52Updated 5 years ago
- Build Automated Machine Images for MISP☆28Updated 2 years ago