Alternatives and similar repositories for ecs-logstash-mappings

Users that are interested in ecs-logstash-mappings are comparing it to the libraries listed below

• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 3 years ago
• Cargill / OpenSIEM-Logstash-Parsing
  SIEM Logstash parsing for more than hundred technologies
  ☆189Updated last week
• elastic / security-action-examples
  This repository contains a few examples of actions that can be added to rules within Elastic Security.
  ☆24Updated 10 months ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last month
• opensearch-project / security-analytics
  Security Analytics enables users for detecting security threats on their security event log data. It will also allow them to modify/tailo…
  ☆91Updated this week
• SeisoLLC / zeek-kafka
  A Zeek log writer plugin that publishes to Kafka.
  ☆51Updated 3 months ago
• wazuh / wazuh-dashboard-plugins
  Plugins for Wazuh Dashboard
  ☆488Updated this week
• enotspe / fortinet-2-elasticsearch
  Fortinet products logs to Elasticsearch
  ☆101Updated last week
• wazuh / wazuh-ruleset
  Wazuh - Ruleset
  ☆492Updated last year
• criblpacks / cribl-palo-alto-networks
  Process, reduce, and transform Palo Alto Networks Firewall logs.
  ☆18Updated 3 months ago
• isalgueiro / otilio
  Beat to get SNMP data
  ☆24Updated 7 years ago
• jmpsec / osctrl
  Fast and efficient osquery management
  ☆475Updated 2 weeks ago
• ExabeamLabs / Content-Library-CIM2
  ☆26Updated 2 weeks ago
• corelight / community-id-spec
  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
  ☆190Updated last year
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆90Updated 2 weeks ago
• elastic / elastic-integration-corpus-generator-tool
  Command line tool used for generating events corpus dynamically given a specific integration
  ☆23Updated 10 months ago
• sophos / Sophos-Central-SIEM-Integration
  Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair …
  ☆137Updated 2 years ago
• criblio / criblvision
  Splunk App for Cribl Stream and Edge Observability
  ☆25Updated 4 months ago
• ocsf / examples
  This repo contains example of raw event examples and possible translations to the OCSF schema.
  ☆50Updated 4 months ago
• idaholab / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆447Updated this week
• HASecuritySolutions / Logstash
  Contains Logstash related content including tons of Logstash configurations
  ☆254Updated 4 years ago
• splunk / splunk-connect-for-syslog
  Splunk Connect for Syslog
  ☆171Updated this week
• airbus-cyber / graylog-plugin-alert-wizard
  Alert Wizard plugin for Graylog to manage the alert rules
  ☆49Updated this week
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆284Updated last month
• johnsusek / elastalert-server
  ElastAlert that exposes REST API's for manipulating rules and alerts
  ☆48Updated 2 weeks ago
• TheHive-Project / CortexDocs
  Documentation of Cortex
  ☆175Updated 2 years ago
• shadow-box / Palo-Alto-Networks-ELK-Stack
  Configuration for a Palo Alto Networks fed ELK Stack with Visualizations
  ☆75Updated 6 years ago
• splunk / splunk-app-examples
  App examples for Splunk Enterprise
  ☆150Updated 2 months ago
• DynamiteAI / dynamite-nsm
  DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…
  ☆171Updated 2 years ago
• criblio / helm-charts
  Repository for Cribl Helm Charts
  ☆48Updated 3 weeks ago