cameling / logminerLinks
Mine patterns from logs
☆27Updated 8 years ago
Alternatives and similar repositories for logminer
Users that are interested in logminer are comparing it to the libraries listed below
Sorting:
- User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.☆33Updated 7 years ago
- Simple parser for Splunk Processing Language (SPL) written in Python.☆35Updated 7 years ago
- Elastic Search Processing Language☆49Updated 8 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 9 years ago
- Convert Splunk SPL to Elasticsearch DSL with pegjs☆13Updated 3 years ago
- Open-source framework to detect outliers in Elasticsearch events☆208Updated 2 years ago
- Bluekeep detection rule by using Apache Flink CEP (Complex Event Processing) Library and Markov Chain.☆9Updated 5 years ago
- An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive.☆44Updated 11 years ago
- Parser for Splunk's Search Processing Language (SPL) syntax highlighting☆19Updated 5 years ago
- Apache Metron☆59Updated 4 years ago
- Total Anomaly Detection System for software logs and traces☆10Updated 9 years ago
- ES索引的维护脚本, 每天close delete reallocate optimize索引☆23Updated 6 years ago
- pyJARM is a library for doing JARM fingerprinting using python☆50Updated 3 months ago
- Elasticsearch querying library☆20Updated 6 years ago
- User interface for OpenSOC☆100Updated 9 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆23Updated 2 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Elastic-Grok-Script-Plugin is a provider of Grok ElasticSearch plug-in☆12Updated 8 years ago
- Apache Metron Workshop Lab materials and instructions.☆35Updated 5 years ago
- Advanced Persistent Threat Detection Using Network Analysis☆22Updated 6 years ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- ☆20Updated last year
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- CLI for Elasticsearch☆16Updated 8 years ago
- ☆31Updated last week
- ☆34Updated 4 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 5 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- web application for elasticsearch monitoring☆37Updated 7 years ago
- An output module for nxlog to write to kafka brokers using librdkafka☆16Updated 10 years ago