Alternatives and similar repositories for geneve:

Users that are interested in geneve are comparing it to the libraries listed below

• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last month
• blookot / rsa2elk
  Converts Netwitness log parser configuration to Logstash configuration
  ☆20Updated 4 years ago
• DCSO / balboa
  server for indexing and querying passive DNS observations
  ☆45Updated last week
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 2 months ago
• MISP / misp-takedown
  A curses-style interface for automatic takedown notification based on MISP events.
  ☆20Updated 4 years ago
• Patrowl / PatrowlCortexAnalyzers
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆11Updated 9 months ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 5 months ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆32Updated last month
• opendxl / opendxl-environment
  Pre-configured environment that supports the development and running of OpenDXL solutions
  ☆13Updated 4 years ago
• HKcyberstark / wazuh-ecs
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆27Updated 4 years ago
• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 3 years ago
• EXC3L-ONE / awesome-synapse
  List of Awesome Vertex Synapse Resources
  ☆27Updated 7 months ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated last year
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 4 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• splunk / TA-osquery
  A Splunk technology add-on for osquery
  ☆14Updated 3 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• lprat / logstash-plugins
  My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …
  ☆11Updated 5 years ago
• PaloAltoNetworks / minemeld-webui
  WebUI of MineMeld
  ☆43Updated 2 years ago
• mnemonic-no / provreq
  Adversary Emulation Planner
  ☆38Updated 9 months ago
• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆46Updated 2 years ago
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆49Updated 8 months ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆53Updated last week
• corelight / json-streaming-logs
  Bro script package to create JSON formatted logs to stream into data analysis systems.
  ☆28Updated last year
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆57Updated 3 years ago
• ncsa / bro-doctor
  ☆23Updated 5 years ago