criblio / collector-templates
Templates for Cribl Stream Collectors
☆41Updated last week
Alternatives and similar repositories for collector-templates:
Users that are interested in collector-templates are comparing it to the libraries listed below
- Splunk Content Control Tool☆111Updated this week
- Discover for Cloud and Containers Azure☆29Updated 2 months ago
- Splunk App for Cribl Stream and Edge Observability☆24Updated this week
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high…☆53Updated last month
- ☆93Updated 2 years ago
- scripts using splunk application lookup-editor endpoint. Download, upload and update splunk lookups content☆29Updated 9 months ago
- compliance assessment and POA&M management for CMMC/NIST 800-171A☆87Updated 3 months ago
- This repository contains Community and Field contributed content for LogScale☆215Updated this week
- Real-time Response scripts and schema☆110Updated last year
- Repository of SentinelOne Deep Visibility queries.☆127Updated 3 years ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆143Updated 7 months ago
- MISP to Sentinel integration☆64Updated 2 weeks ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆111Updated 2 weeks ago
- In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…☆119Updated this week
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆162Updated last month
- Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK☆38Updated this week
- ☆83Updated last month
- A tool that allows you to document and assess any security automation in your SOC☆46Updated 5 months ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆41Updated 4 years ago
- Web based S1 query navigator for one-click threat hunting☆19Updated 4 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆90Updated 2 months ago
- ☆40Updated this week
- Ansible playbooks for configuring and managing Splunk Cloud deployments with the Admin Config Service (ACS) API☆26Updated 2 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆53Updated last year
- Grand Central logging for Cloud Services to Splunk☆36Updated 3 years ago
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…☆82Updated 4 years ago
- ☆28Updated 7 months ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆201Updated 4 years ago
- Collection of Microsoft Identity Threat Detection and Response resources.☆44Updated 2 weeks ago
- Various tools used to monitor and troubleshoot Azure Sentinel data☆30Updated 6 months ago