Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, Suricata and Zeek solutions.
☆16Jun 15, 2021Updated 4 years ago
Alternatives and similar repositories for Corelight-Ansible-Roles
Users that are interested in Corelight-Ansible-Roles are comparing it to the libraries listed below
Sorting:
- An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.☆17Oct 30, 2021Updated 4 years ago
- ☆58Mar 4, 2022Updated 3 years ago
- Kestrel Jupyter Notebook Kernel☆10Oct 19, 2023Updated 2 years ago
- Bro analyzer that detects Google's QUIC protocol☆10Mar 2, 2021Updated 4 years ago
- RPM packages for MISP☆40Jan 15, 2026Updated last month
- A Zeek package that detects Zoom logins and meeting joins☆12Apr 15, 2020Updated 5 years ago
- Template repository and README for submissions to Bellingcat's Global Hackathon☆16Oct 7, 2022Updated 3 years ago
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…☆15Sep 5, 2020Updated 5 years ago
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆18Nov 5, 2013Updated 12 years ago
- Bash scripts to setup local Splunk instances quickly☆15Sep 9, 2020Updated 5 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆39Aug 18, 2022Updated 3 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆17Nov 7, 2020Updated 5 years ago
- An Installation Script for Bro IDS on Debian Based Systems☆20Jun 25, 2020Updated 5 years ago
- Firepit - STIX Columnar Storage☆18Jun 5, 2024Updated last year
- Log4j Exploit Detection Logic for Zeek☆19Nov 25, 2025Updated 3 months ago
- A MAL language that demonstrates the Maven project structure☆23Updated this week
- ☆19Oct 30, 2020Updated 5 years ago
- Look into EDR events from network☆25Nov 20, 2025Updated 3 months ago
- Landing Page Content/Builder for MITRE Security Automation Framework☆29Oct 21, 2025Updated 4 months ago
- Cloudify Resource Creation Configuration☆25Nov 22, 2020Updated 5 years ago
- Incident Response Network Tools☆24Jul 23, 2021Updated 4 years ago
- Splunk App for Cribl Stream and Edge Observability☆28Jul 15, 2025Updated 7 months ago
- Ansible role to create and mount single lvm volumes☆26Apr 15, 2019Updated 6 years ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago
- Understand OVAL results in a blink of an eye☆35Jul 6, 2022Updated 3 years ago
- Collection of Dashboards for Threat Hunting and more!☆74Oct 17, 2020Updated 5 years ago
- This repo contains scripts to automate the addition of 3rd party Wazuh rules to your Wazuh installation☆18Dec 31, 2023Updated 2 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆37Nov 9, 2022Updated 3 years ago
- AWS LocalStack + Spark Cluster + Zeppelin [Docker]☆10Jul 6, 2022Updated 3 years ago
- Collection of walkthroughs on various threat hunting techniques☆76Aug 3, 2020Updated 5 years ago
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆123Feb 20, 2026Updated last week
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Jun 29, 2022Updated 3 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Nov 3, 2025Updated 3 months ago
- Manage your detectors and identify atypical data in OpenSearch Dashboards☆39Updated this week
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Sep 16, 2024Updated last year
- A small shell script that generates syslog messages.☆30Feb 9, 2017Updated 9 years ago
- ☆11Jan 1, 2025Updated last year
- [READ ONLY] Subtree split of the siyuan-packages-monorepo (see https://github.com/Zuoqiu-Yingyi/siyuan-packages-monorepo)☆12Jan 23, 2024Updated 2 years ago
- Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati…☆38Mar 15, 2024Updated last year