criblio / collector-templates
Templates for Cribl Stream Collectors
☆46 · Updated 3 weeks ago
Alternatives and similar repositories for collector-templates
Users interested in collector-templates are comparing it to the repositories listed below.
- Splunk Content Control Tool ☆116 · Updated last week
- This repository contains Community and Field contributed content for LogScale ☆258 · Updated 2 weeks ago
- Discover for Cloud and Containers Azure ☆29 · Updated this week
- Web based S1 query navigator for one-click threat hunting ☆22 · Updated 4 years ago
- PowerShell for CrowdStrike's OAuth2 APIs ☆428 · Updated last week
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high… ☆57 · Updated this week
- Repository of SentinelOne Deep Visibility queries. ☆130 · Updated 4 years ago
- Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor ☆182 · Updated last month
- Splunk App for Cribl Stream and Edge Observability ☆25 · Updated last month
- Repository with Sample KQL Query examples for Threat Hunting ☆215 · Updated 3 years ago
- Programming Microsoft Sentinel book ☆25 · Updated last year
- MISP to Sentinel integration ☆71 · Updated last week
- compliance assessment and POA&M management for CMMC/NIST 800-171A ☆95 · Updated 8 months ago
- Various tools used to monitor and troubleshoot Azure Sentinel data ☆30 · Updated 10 months ago
- In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (… ☆128 · Updated this week
- Dettectinator - The Python library to your DeTT&CT YAML files. ☆116 · Updated 4 months ago
- TrackMe - Data tracking system for Splunk admins ☆50 · Updated 2 years ago
- Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant. ☆129 · Updated 2 months ago
- (no description) ☆97 · Updated 2 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon ☆209 · Updated 5 years ago
- The CrowdStrike Falcon SDK for Python ☆425 · Updated 2 weeks ago
- (no description) ☆86 · Updated 5 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs ☆55 · Updated 2 years ago
- Unleash the power of the Falcon Platform at the CLI ☆123 · Updated 3 weeks ago
- A guide to using Azure Data Explorer and KQL for DFIR ☆111 · Updated 3 years ago
- (no description) ☆30 · Updated 4 months ago
- Sharing my KQL queries for Azure Sentinel ☆185 · Updated this week
- Real-time Response scripts and schema ☆116 · Updated last year
- SentinelOne STAR Rules ☆67 · Updated 6 months ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders… ☆143 · Updated last month