cameling / logminer
Mine patterns from logs
☆27Updated 7 years ago
Related projects: ⓘ
- Convert Splunk SPL to Elasticsearch DSL with pegjs☆12Updated 2 years ago
- User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.☆33Updated 7 years ago
- Simple parser for Splunk Processing Language (SPL) written in Python.☆35Updated 6 years ago
- Elastic Search Processing Language☆49Updated 7 years ago
- Query.AI plugin for Kibana☆13Updated 4 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆18Updated 8 years ago
- Apache Metron☆59Updated 3 years ago
- Total Anomaly Detection System for software logs and traces☆9Updated 8 years ago
- Elasticsearch querying library☆20Updated 5 years ago
- A fault-tolerant events/alerts correlation engine☆25Updated 5 years ago
- Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively☆22Updated 3 years ago
- An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive.☆43Updated 11 years ago
- ES索引的维护脚本, 每天close delete reallocate optimize索引☆23Updated 5 years ago
- A Zeek package that detects Zoom logins and meeting joins☆11Updated 4 years ago
- User interface for OpenSOC☆100Updated 9 years ago
- Analysis of HTTP traffic and detection of anomalous user behavior in allowed actions. UEBA system.☆20Updated last year
- Utility for parsing Bro log files into CSV or JSON format☆41Updated last year
- Zeek script library for getting the effective TLD of a domain.☆13Updated 5 months ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)☆74Updated this week
- Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).☆20Updated last year
- This repository hosts community contributed Kestrel analytics☆14Updated 3 months ago
- Suricata rule and intel index☆28Updated last month
- Threat Detection Rules (Snort/Sigma/Yara)☆12Updated 7 months ago
- Advanced Persistent Threat Detection Using Network Analysis☆21Updated 5 years ago
- Graph Representation of MITRE ATT&CK's CTI data☆47Updated 4 years ago
- Apache Metron Workshop Lab materials and instructions.☆35Updated 4 years ago
- Open Source ETL designed for and dedicated to Log processing and transformation☆68Updated last year
- Parser for Splunk's Search Processing Language (SPL) syntax highlighting☆16Updated 4 years ago
- dga classification with fasttext☆12Updated 5 years ago
- Bro analyzer that detects Google's QUIC protocol☆10Updated 3 years ago