dgunter/ParseZeekLogs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/dgunter/ParseZeekLogs)

dgunter / ParseZeekLogs

Utility for parsing Bro log files into CSV or JSON format

☆41

Alternatives and similar repositories for ParseZeekLogs

Users that are interested in ParseZeekLogs are comparing it to the libraries listed below

Sorting:

ventz / docker-cif
View on GitHub
CIFv3 Ubuntu 16.04 Docker Container (Bearded Avenger)
☆12Apr 18, 2018Updated 7 years ago
corelight / conn-burst
View on GitHub
A Bro package to identify connections that are bursting (lots of data and transferring quickly).
☆13Oct 15, 2020Updated 5 years ago
binorassocies / brostash
View on GitHub
brostash: Linux distribution based on Debian and focusing on network security events collection
☆33Aug 30, 2020Updated 5 years ago
corelight / zeek-long-connections
View on GitHub
Zeek package for tracking long connections to report them before they have completed.
☆31Nov 25, 2025Updated 3 months ago
aboutsecurity / Bro-samples
View on GitHub
Network Forensics Bro scripts & pcap samples
☆63Mar 11, 2014Updated 11 years ago
corelight / json-streaming-logs
View on GitHub
Zeek package to create JSON formatted logs to stream into data analysis systems.
☆30Dec 3, 2025Updated 3 months ago
initconf / brocon-15
View on GitHub
brocon-15 scripts
☆13Apr 3, 2017Updated 8 years ago
spitfire55 / MegaDev
View on GitHub
Bro IDS + ELK Stack to detect and block data exfiltration
☆46Oct 31, 2018Updated 7 years ago
MITRECND / bro-http2
View on GitHub
Plugin for Zeek/Bro which provides http2 decoder/analyzer
☆30Jun 11, 2024Updated last year
csirtgadgets / cifsdk-v2
View on GitHub
python SDK for CIFv2
☆13Nov 5, 2019Updated 6 years ago
401trg / utilities
View on GitHub
This repository contains tools used by 401trg.
☆20Apr 14, 2021Updated 4 years ago
dgunter / evtxtoelk
View on GitHub
A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
☆119Nov 6, 2020Updated 5 years ago
mozilla / zept
View on GitHub
INACTIVE - http://mzl.la/ghe-archive - Zeek Extreme Performance Tuning
☆26Oct 10, 2019Updated 6 years ago
mdegrazia / KAPE_Tools
View on GitHub
Tools and Binaries to use with KAPE
☆13Aug 13, 2019Updated 6 years ago
dhondta / malicious-macro-tester
View on GitHub
CLI tool for testing Office documents with macros using MaliciousMacroBot
☆12Dec 3, 2023Updated 2 years ago
sketchymoose / workslikeaJARM
View on GitHub
Method of finding interesting domains using keywords + JARMs
☆13Jan 30, 2023Updated 3 years ago
corelight / top-dns
View on GitHub
Top DNS Measurement for Bro
☆10Aug 22, 2020Updated 5 years ago
eSentire / malfeed
View on GitHub
Feed for verious malicious IPs such as malware and botnets
☆12Jun 20, 2016Updated 9 years ago
secynic / nfsinkhole
View on GitHub
nfsinkhole is a Python library and scripts for setting up a Linux server as a sinkhole (monitor, log/capture, and drop all traffic to a s…
☆12Apr 8, 2017Updated 8 years ago
timmolter / logstash-dfir
View on GitHub
Logstash configuration files for analyzing various types of logs
☆25Dec 9, 2016Updated 9 years ago
salesforce / GQUIC_Protocol_Analyzer
View on GitHub
GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
☆80Sep 13, 2023Updated 2 years ago
mitre-attack / bzar
View on GitHub
A set of Zeek scripts to detect ATT&CK techniques.
☆620Jun 26, 2024Updated last year
stratosphereips / zeek_anomaly_detector
View on GitHub
A completely automated anomaly detector Zeek network flows files (conn.log).
☆82Aug 5, 2025Updated 7 months ago
AlkenePan / awesome-bro
View on GitHub
Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
☆30Apr 17, 2020Updated 5 years ago
yasser-alghamdi / winterfell-hunt
View on GitHub
Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
☆15Jul 23, 2020Updated 5 years ago
sofwerx / pcas
View on GitHub
☆12Apr 26, 2018Updated 7 years ago
thomaspatzke / sigma-workshop
View on GitHub
Elasticsearch/Kibana environment and log data for Sigma workshop
☆26Dec 20, 2019Updated 6 years ago
caschnee / misp-use-cases
View on GitHub
☆14May 30, 2018Updated 7 years ago
vertoforce / docker-sof-elk
View on GitHub
A dockerized version of the sof-elk project
☆13Jul 1, 2020Updated 5 years ago
andrewbeard / broworkshop
View on GitHub
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
☆14Jun 4, 2025Updated 9 months ago
ditekshen / is-wos
View on GitHub
Information Stealers Wall of Sheep (IS-WOS)
☆11Nov 13, 2020Updated 5 years ago
zeek / zeek-agent-framework
View on GitHub
This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
☆14Oct 12, 2020Updated 5 years ago
bez0r / BeaconBits
View on GitHub
Network timing evaluation used to detect beacons, works with argus flow as the source
☆20May 4, 2016Updated 9 years ago
tylabs / dovehawk
View on GitHub
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
☆122Jul 12, 2021Updated 4 years ago
StamusNetworks / gophercap
View on GitHub
Accurate, modular, scalable PCAP manipulation tool written in Go.
☆96Apr 30, 2024Updated last year
DearBytes / Opensource-Endpoint-Monitoring
View on GitHub
This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
☆35Jul 8, 2019Updated 6 years ago
zeek / spicy-analyzers
View on GitHub
Growing collection of Spicy-based protocol and file analyzers for Zeek
☆32Sep 16, 2024Updated last year
sk4la / plast
View on GitHub
Modular command-line threat hunting tool & framework.
☆17Jul 20, 2020Updated 5 years ago
initconf / scan-NG
View on GitHub
scan-detection policies for bro
☆16Jan 16, 2025Updated last year