Alternatives and similar repositories for logminer

Users that are interested in logminer are comparing it to the libraries listed below

• salspaugh / splparser
  Simple parser for Splunk Processing Language (SPL) written in Python.
  ☆35Updated 7 years ago
• morrigan / user-behavior-anomaly-detector
  User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.
  ☆33Updated 8 years ago
• query-ai / queryai-kibana-plugin
  Query.AI plugin for Kibana
  ☆13Updated 6 years ago
• NVISOsecurity / ee-outliers
  Open-source framework to detect outliers in Elasticsearch events
  ☆208Updated 2 years ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 9 years ago
• apache / metron-bro-plugin-kafka
  Apache Metron
  ☆60Updated 5 years ago
• Anonymity94 / spl2dsl
  Convert Splunk SPL to Elasticsearch DSL with pegjs
  ☆13Updated 3 years ago
• chenryn / ESPL
  Elastic Search Processing Language
  ☆50Updated 9 years ago
• OpenSOC / opensoc-ui
  User interface for OpenSOC
  ☆100Updated 10 years ago
• corelight / zeek-quic
  Bro analyzer that detects Google's QUIC protocol
  ☆10Updated 4 years ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 5 years ago
• OpenSOC / opensoc-streaming
  Extensible set of Storm topologies and topology attributes for streaming, enriching, indexing, and storing telemetry in Hadoop.
  ☆134Updated 2 years ago
• kiwiz / esquery
  Elasticsearch querying library
  ☆20Updated 6 years ago
• 0xrawsec / gene-rules
  ☆42Updated 3 years ago
• beave / sagan-rules
  Rule sets for Sagan
  ☆106Updated 5 years ago
• aldonin / SIEM
  Security information and event management, masters's diploma
  ☆10Updated 10 years ago
• corelight / log-add-http-post-bodies
  Add POST body excerpt to Bro's HTTP log
  ☆14Updated 2 months ago
• endgameinc / eql
  ☆228Updated 2 months ago
• CSIRT-MU / Stream4Flow
  A framework for the real-time network traffic analysis based on world-leading technologies for distributed stream processing, network tra…
  ☆102Updated 4 years ago
• AlkenePan / awesome-bro
  Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
  ☆31Updated 5 years ago
• childe / dopey
  ES索引的维护脚本, 每天close delete reallocate optimize索引
  ☆23Updated 6 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated 3 years ago
• intezer / ssdeep-elastic
  An example for implementation of ssdeep similarity search optimized with elasticsearch
  ☆34Updated 8 years ago
• carolynduby / ApacheMetronWorkshop
  Apache Metron Workshop Lab materials and instructions.
  ☆35Updated 6 years ago
• abzcoding / aptdetector
  Advanced Persistent Threat Detection Using Network Analysis
  ☆23Updated 6 years ago
• DjGorillaz / anomaly-detection-and-monitoring
  Anomaly detection and monitoring software
  ☆19Updated 7 years ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 5 years ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆33Updated 5 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆18Updated 4 years ago
• alexfrancow / A-Detector
  An anomaly-based intrusion detection system.
  ☆85Updated 3 years ago