elastic / ecs-mapperLinks
Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
☆54Updated 3 years ago
Alternatives and similar repositories for ecs-mapper
Users that are interested in ecs-mapper are comparing it to the libraries listed below
Sorting:
- SIEM Logstash parsing for more than hundred technologies☆185Updated this week
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated 3 weeks ago
- Contains Logstash related content including tons of Logstash configurations☆254Updated 3 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- Documentation of Cortex☆174Updated last year
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆22Updated 5 months ago
- Python API Client for TheHive☆230Updated last week
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python☆129Updated last year
- Splunk App for Linux Auditd☆58Updated 4 years ago
- ☆38Updated 5 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆105Updated last year
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆188Updated 4 years ago
- A (nearly) production ready Dockered MISP☆232Updated last year
- Docker files for building Zeek.☆86Updated last year
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python☆116Updated last year
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 4 years ago
- A search command for Splunk which will allow you to search Elastic Search and display the results in the Splunk GUI☆69Updated 8 years ago
- Data validator agains Splunk Common Information Model (CIM)☆76Updated last year
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- Collaborative Open Playbook Standard☆157Updated 2 years ago
- A Search command to explore Elasticsearch data within Splunk.☆40Updated 6 years ago
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆114Updated last week
- MISP Docker (XME edition)☆282Updated last year
- Splunk Connect for Syslog☆166Updated last week
- SIAC is an enterprise SIEM built on open-source technology.☆114Updated 6 years ago
- Phantom Apps Repo☆83Updated 3 years ago
- App examples for Splunk Enterprise☆142Updated 2 months ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- Cisco eStreamer client☆24Updated 2 years ago