cameling / logminer
Mine patterns from logs
☆27Updated 8 years ago
Alternatives and similar repositories for logminer:
Users that are interested in logminer are comparing it to the libraries listed below
- User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.☆33Updated 7 years ago
- Simple parser for Splunk Processing Language (SPL) written in Python.☆35Updated 6 years ago
- Convert Splunk SPL to Elasticsearch DSL with pegjs☆13Updated 2 years ago
- Bluekeep detection rule by using Apache Flink CEP (Complex Event Processing) Library and Markov Chain.☆9Updated 5 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 8 years ago
- Elastic Search Processing Language☆49Updated 8 years ago
- Query.AI plugin for Kibana☆13Updated 5 years ago
- Open-source framework to detect outliers in Elasticsearch events☆208Updated last year
- Apache Metron☆59Updated 4 years ago
- Total Anomaly Detection System for software logs and traces☆10Updated 9 years ago
- Anomaly detection and monitoring software☆20Updated 6 years ago
- An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive.☆43Updated 11 years ago
- Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))☆31Updated 4 years ago
- Auto extract key in log files☆21Updated 6 years ago
- Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).☆20Updated last year
- Analysis of HTTP traffic and detection of anomalous user behavior in allowed actions. UEBA system.☆22Updated 2 years ago
- A proxy behind nginx while before kibana (4.x, 5.x) to provide data isolation for different users☆24Updated 5 years ago
- Sankey diagram for Kibana visualize.☆30Updated 4 months ago
- ES索引的维护脚本, 每天close delete reallocate optimize索引☆23Updated 5 years ago
- Parse Suricata rules☆12Updated last year
- 威胁检测规则集☆15Updated 5 years ago
- A machine learning plugin in Open Distro for real time anomaly detection on streaming data.☆80Updated 2 years ago
- Suricata rule and intel index☆30Updated last week
- Graph database version of the CVE database☆25Updated 2 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- A proof of concept implementation of the Siemens S7 protocol analyser for the Bro IDS.☆16Updated 8 years ago
- Zeek script library for getting the effective TLD of a domain.☆13Updated 11 months ago
- Malice Yara Plugin☆30Updated 5 years ago
- ☆39Updated 2 years ago
- A framework for the Analysis of Intrusion Detection Alerts☆17Updated 3 years ago