Alternatives and similar repositories for GettingStartedWithELK

Users that are interested in GettingStartedWithELK are comparing it to the libraries listed below

• blazeinfosec / Flame
  Flame - Send vulnerabilities reports to SIEM
  ☆15Updated 8 years ago
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 7 years ago
• Malicious-Entity / Get-Entity
  Scripts to query local admins quickly
  ☆9Updated 9 years ago
• farhanfaisal / DNSblacklist
  A shell script to download malware domains from various sources, and configuring unbound DNS config file to be used as a local recursive …
  ☆18Updated 10 years ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 5 years ago
• Benster900 / BlogProjects
  Various blog post projects.
  ☆10Updated last year
• auditNG / auditNG
  ☆11Updated 7 years ago
• DCSO / slinkwatch
  automatic enumeration and maintenance of Suricata monitoring interfaces
  ☆11Updated 5 years ago
• logstash-plugins / logstash-codec-nmap
  NMap XML decoding for logstash
  ☆28Updated 2 years ago
• jvehent / AutOssec
  Ossec cookbook for Chef, with secure & automated key management
  ☆21Updated 12 years ago
• corelan / dnshjmon
  dnshjmon is a free tool to monitor public DNS records and report hijacks
  ☆91Updated 11 years ago
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 8 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 8 years ago
• SubtleScope / logfile-generators
  Series of scripts to generate fake logs for use in cyber exercises.
  ☆17Updated 9 years ago
• ministryofpromise / splunk2resilient
  splunk alert script to create resilient tickets
  ☆10Updated 9 years ago
• da667 / dns2snort
  AYY LMAO
  ☆22Updated 9 years ago
• StamusNetworks / ansible-misp
  Ansible playbook to install Malware Information Sharing Platform (MISP)
  ☆17Updated 10 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• mandiant / synfulknock
  ☆49Updated 9 years ago
• staaldraad / fastfluxanalysis
  Scripts to detect Fast-Flux and DGA using DNS query responses
  ☆43Updated 8 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated 2 years ago
• kost / docker-cowrie
  A Docker container for Cowrie - SSH honeypot based on kippo
  ☆10Updated 10 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 4 years ago
• darvid / nessusbeat
  A Beat that monitors a local Nessus reports directory and outputs scan results to Elasticsearch or Logstash.
  ☆31Updated 7 years ago
• kf0jvt / deez_factors
  Looks for GitHub org users without 2FA turned on
  ☆9Updated 8 years ago
• ikoniaris / thug-vagrant
  Vagrant configuration to setup a Thug honeyclient VM
  ☆20Updated 10 years ago
• c2defense / windows-event-collection
  Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model
  ☆12Updated 4 years ago
• MalwareSoup / sysmon2neo4j
  ☆15Updated 7 years ago
• m0nad / msfsuggester
  Metasploit exploit suggester using OpenVAS XML output
  ☆18Updated 7 years ago
• MISP / ansible
  MISP - Ansible installation script
  ☆22Updated 6 years ago