chan2git / splunk-bots
This repository is dedicated to hosting personal comprehensive walkthrough solutions for Splunk's Boss of the SOC (BOTS) CTF-style labs. To be eventually updated with all BOTS events.
☆10 · Updated last year
Alternatives and similar repositories for splunk-bots
Users that are interested in splunk-bots are comparing it to the libraries listed below
- Shell script to download apps from Splunkbase (☆23, updated 5 years ago)
- This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics… (☆23, updated 3 weeks ago)
- Generate Indexes from SANS PDFs (☆18, updated last year)
- A list of Splunk queries that I've collected and used over time. (☆86, updated 4 years ago)
- This repository contains Splunk queries to hunt some anomalies (☆44, updated 3 years ago)
- Playbooks-On-Rails for Splunk (PORS) (☆15, updated 6 months ago)
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high… (☆58, updated this week)
- Tools to automatically create a SANS index based off the course pdf files. (☆108, updated 5 years ago)
- Downloading Splunk, made easy through scripts (☆24, updated last week)
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project (☆53, updated 3 weeks ago)
- Real-time Response scripts and schema (☆118, updated last year)
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise (☆66, updated last year)
- SPL cheatsheet for Splunk. (☆24, updated 2 years ago)
- Harness the power of Splunk for your investigations (☆130, updated last week)
- Docker image for Velocidex Velociraptor (☆137, updated 7 months ago)
- (no description) (☆45, updated 2 years ago)
- Home for Splunk security datasets. (☆125, updated 5 years ago)
- Incident Response documents and tooling (☆105, updated last month)
- Re-play Adversarial Techniques (☆42, updated 4 years ago)
- A repository of my own Sigma detection rules. (☆162, updated last year)
- (no description) (☆87, updated 7 months ago)
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE… (☆94, updated 3 months ago)
- Web based S1 query navigator for one-click threat hunting (☆24, updated 4 years ago)
- Convert Sigma rules to Wazuh rules (☆73, updated 3 weeks ago)
- Splunk Content Control Tool (☆119, updated 2 weeks ago)
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup… (☆15, updated 5 years ago)
- (no description) (☆53, updated last year)
- Splunk Boss of the SOC version 3 dataset. (☆376, updated 5 years ago)
- This repository contains Community and Field contributed content for LogScale (☆276, updated 2 weeks ago)
- Security Onion + Automation + Response Lab including n8n and Velociraptor (☆112, updated 3 years ago)