Alternatives and similar repositories for GettingStartedWithELK

Users that are interested in GettingStartedWithELK are comparing it to the libraries listed below

• danielguerra69 / bro-debian-elasticsearch
  bro on debian with elasticsearch support
  ☆24Updated 8 years ago
• StamusNetworks / ansible-misp
  Ansible playbook to install Malware Information Sharing Platform (MISP)
  ☆17Updated 10 years ago
• aabed / dockpot
  ☆47Updated 10 years ago
• MISP / ansible
  MISP - Ansible installation script
  ☆22Updated 6 years ago
• ikoniaris / kippo2elasticsearch
  Transfer Kippo data to ElasticSearch
  ☆18Updated 9 years ago
• initconf / brocon-15
  brocon-15 scripts
  ☆13Updated 8 years ago
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 7 years ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 5 years ago
• ncsa / ossec-tools
  Scripts and integrations for OSSEC
  ☆41Updated 9 years ago
• EricGershman / auditd-examples
  Collection of Auditd Examples and Presentations
  ☆85Updated 4 years ago
• Security-Onion-Solutions / securityonion-bro-scripts
  ☆24Updated 5 years ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 5 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• mandiant / synfulknock
  ☆49Updated 10 years ago
• automayt / FlowPlotter
  Generates visualizations from the output of flow tools such as SiLK.
  ☆35Updated 8 years ago
• farhanfaisal / DNSblacklist
  A shell script to download malware domains from various sources, and configuring unbound DNS config file to be used as a local recursive …
  ☆18Updated 11 years ago
• Security-Onion-Solutions / securityonion-elastic
  Security Onion Elastic Stack
  ☆46Updated 4 years ago
• CIRCL / traceroute-circl
  Traceroute improved wrapper for CSIRT and CERT operators
  ☆38Updated 11 months ago
• mixmodeai / bro_amqp_plugin
  PacketSled's Bro AMQP Writer Plugin
  ☆11Updated 9 years ago
• hosom / bro-phishing
  Detect Phishing with Bro IDS
  ☆19Updated 8 years ago
• corelan / dnshjmon
  dnshjmon is a free tool to monitor public DNS records and report hijacks
  ☆91Updated 11 years ago
• sealingtech / EDCOP
  Expandable Defensive Cyber Operations Platform
  ☆43Updated 3 years ago
• kost / docker-moloch
  A Docker container for Moloch based on minimal Debian
  ☆26Updated 9 years ago
• BinaryDefense / auto-ossec
  ☆141Updated last year
• logstash-plugins / logstash-codec-nmap
  NMap XML decoding for logstash
  ☆28Updated 2 years ago
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆21Updated 3 years ago
• chef-cookbooks / auditd
  Install and configure user mode auditd tools
  ☆34Updated 2 years ago
• auditNG / auditNG
  ☆11Updated 7 years ago
• staaldraad / fastfluxanalysis
  Scripts to detect Fast-Flux and DGA using DNS query responses
  ☆43Updated 8 years ago
• dnlongen / Snort-DNS
  Snort rules to detect local malware, phishing, and adult content by inspecting DNS responses from OpenDNS
  ☆52Updated 9 years ago