Alternatives and similar repositories for bro-debian-elasticsearch

Users that are interested in bro-debian-elasticsearch are comparing it to the libraries listed below

• kost / docker-sift

  View on GitHub
  Docker container of SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3
  ☆11Oct 9, 2016Updated 9 years ago
• danielguerra69 / docker-moloch

  View on GitHub
  A Docker container for Moloch based on minimal Debian
  ☆13Jun 23, 2017Updated 8 years ago
• fygrave / iocmap

  View on GitHub
  Indicator of Compromise Mapping Service
  ☆12Apr 15, 2014Updated 11 years ago
• corelight / top-dns

  View on GitHub
  Top DNS Measurement for Bro
  ☆11Aug 22, 2020Updated 5 years ago
• mrlesmithjr / ansible-suricata

  View on GitHub
  ☆12Jan 28, 2020Updated 6 years ago
• blazeinfosec / Flame

  View on GitHub
  Flame - Send vulnerabilities reports to SIEM
  ☆15Jul 28, 2016Updated 9 years ago
• CptOfEvilMinions / ChooseYourSIEMAdventure

  View on GitHub
  ☆18Jan 18, 2022Updated 4 years ago
• hillar / vagrant_moloch_bro_suricata

  View on GitHub
  vagrant multi-machine: Moloch, Bro,Suricata,ElasticSearch,Kibana
  ☆41Nov 24, 2014Updated 11 years ago
• JustinAzoff / bro_scripts

  View on GitHub
  Analysis scripts for the Bro Intrusion Detection System
  ☆59Feb 26, 2014Updated 11 years ago
• glallen01 / csirt-essential-reading

  View on GitHub
  Reading List for CSIRT Team Members
  ☆17Oct 21, 2019Updated 6 years ago
• CityBaseInc / SIAC

  View on GitHub
  SIAC is an enterprise SIEM built on open-source technology.
  ☆115Oct 31, 2018Updated 7 years ago
• jusafing / pnaf

  View on GitHub
  Passive Network Audit Framework
  ☆32May 17, 2018Updated 7 years ago
• StamusNetworks / KTS

  View on GitHub
  Kibana 4 Templates for Suricata IDPS
  ☆33Jul 28, 2016Updated 9 years ago
• defensivedepth / Sysmon_OSSEC

  View on GitHub
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Jul 23, 2015Updated 10 years ago
• eCrimeLabs / MISP2CbR

  View on GitHub
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆20May 25, 2022Updated 3 years ago
• blacktop / docker-bro

  View on GitHub
  Bro IDS Dockerfile
  ☆129Sep 14, 2019Updated 6 years ago
• Nclose-ZA / elastalert_hive_alerter

  View on GitHub
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆27May 18, 2021Updated 4 years ago
• rocknsm / rock-dashboards

  View on GitHub
  Dashboards and loader for ROCK NSM dashboards
  ☆49Mar 13, 2023Updated 2 years ago
• mstane / software-architecture-lab

  View on GitHub
  Design Software Architecture Research
  ☆13May 27, 2018Updated 7 years ago
• MISP / misp-packer

  View on GitHub
  Build Automated Machine Images for MISP
  ☆29Jun 9, 2023Updated 2 years ago
• capesstack / capes

  View on GitHub
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Aug 3, 2019Updated 6 years ago
• threat-punter / security-publications

  View on GitHub
  Detection Engineering research, open-source tools, conference presentations, and technical publications shared with the security communit…
  ☆28Dec 17, 2025Updated last month
• corelight / zeek-long-connections

  View on GitHub
  Zeek package for tracking long connections to report them before they have completed.
  ☆31Nov 25, 2025Updated 2 months ago
• utoni / potd

  View on GitHub
  A high scalable low to medium interactive SSH/TCP honeypot using Linux Namespaces, capabilities, seccomp, cgroups designed for OpenWrt an…
  ☆31Jul 12, 2020Updated 5 years ago
• zeek / bro-plugins

  View on GitHub
  (OBSOLETE) Plugins for Bro
  ☆53Sep 13, 2017Updated 8 years ago
• daverstephens / The-SOC-Shop

  View on GitHub
  Repository of scripts/tools that may be useful in Security Operations Centres (SOC)
  ☆55Nov 25, 2020Updated 5 years ago
• timmolter / logstash-dfir

  View on GitHub
  Logstash configuration files for analyzing various types of logs
  ☆25Dec 9, 2016Updated 9 years ago
• corelight / json-streaming-logs

  View on GitHub
  Bro script package to create JSON formatted logs to stream into data analysis systems.
  ☆30Dec 3, 2025Updated 2 months ago
• blacktop / docker-volatility

  View on GitHub
  Volatility Dockerfile
  ☆32Oct 3, 2022Updated 3 years ago
• HASecuritySolutions / Logstash

  View on GitHub
  Contains Logstash related content including tons of Logstash configurations
  ☆254Aug 25, 2021Updated 4 years ago
• treussart / ProbeManager

  View on GitHub
  Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...
  ☆71Apr 10, 2019Updated 6 years ago
• pooki3bear / pookiepack

  View on GitHub
  Windows10 hardening implemented in powershell for consumer or enterprise deployment
  ☆26Nov 15, 2017Updated 8 years ago
• aldonin / SIEM

  View on GitHub
  Security information and event management, masters's diploma
  ☆10Aug 3, 2015Updated 10 years ago
• awais922609 / Lets-Defend-Solutions

  View on GitHub
  The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon…
  ☆12Apr 27, 2023Updated 2 years ago
• clayball / nector

  View on GitHub
  A SIEM inspired by HECTOR, built on Django.
  ☆27Apr 16, 2019Updated 6 years ago
• gnarlyhaze / Kali-Update-Script

  View on GitHub
  ☆10Aug 4, 2020Updated 5 years ago
• zeek / time-machine

  View on GitHub
  Time-Machine Dynamic Bulk Packet Recorder
  ☆36Apr 21, 2025Updated 9 months ago
• tylabs / dovehawk

  View on GitHub
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Jul 12, 2021Updated 4 years ago
• intezer / ssdeep-elastic

  View on GitHub
  An example for implementation of ssdeep similarity search optimized with elasticsearch
  ☆34Sep 19, 2017Updated 8 years ago