cameling / logminerLinks
Mine patterns from logs
☆27Updated 8 years ago
Alternatives and similar repositories for logminer
Users that are interested in logminer are comparing it to the libraries listed below
Sorting:
- Simple parser for Splunk Processing Language (SPL) written in Python.☆35Updated 7 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 9 years ago
- Convert Splunk SPL to Elasticsearch DSL with pegjs☆13Updated 3 years ago
- User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.☆33Updated 7 years ago
- Elastic Search Processing Language☆49Updated 8 years ago
- Open-source framework to detect outliers in Elasticsearch events☆208Updated 2 years ago
- Apache Metron☆59Updated 4 years ago
- Bluekeep detection rule by using Apache Flink CEP (Complex Event Processing) Library and Markov Chain.☆9Updated 5 years ago
- Query.AI plugin for Kibana☆13Updated 5 years ago
- Parser for Splunk's Search Processing Language (SPL) syntax highlighting☆19Updated 5 years ago
- User interface for OpenSOC☆100Updated 9 years ago
- An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive.☆43Updated 11 years ago
- Graph database version of the CVE database☆25Updated 2 years ago
- ES索引的维护脚本, 每天close delete reallocate optimize索引☆23Updated 6 years ago
- Total Anomaly Detection System for software logs and traces☆10Updated 9 years ago
- 威胁检测规则集☆15Updated 5 years ago
- Rule sets for Sagan☆104Updated 4 years ago
- CTI database generator and public dataset☆21Updated 5 years ago
- 基于Strom的日志实时流量分析主动防御(CCFirewall)系统☆71Updated 7 years ago
- passive dns collector☆10Updated 8 years ago
- Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))☆31Updated 5 years ago
- Access the process event connector in linux kernels from Python.☆26Updated 3 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Elasticsearch querying library☆20Updated 5 years ago
- ☆9Updated 8 years ago
- Extensible set of Storm topologies and topology attributes for streaming, enriching, indexing, and storing telemetry in Hadoop.☆132Updated last year
- Parse Suricata rules☆12Updated last year
- • Packet capture (PCAP) file analysis to analyze traffic sent by malicious IP address.☆12Updated 10 years ago
- Zeek scripts that provide an alternative log file logging TLS/SSL traffic☆10Updated 4 years ago
- Some of the presentations given by me☆18Updated 6 months ago