elastic / geneve

Related projects: ⓘ

• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33Updated 3 weeks ago
• juju4 / ansible-zeek
  setup zeek, previously Bro IDS
  ☆17Updated last month
• blookot / rsa2elk
  Converts Netwitness log parser configuration to Logstash configuration
  ☆20Updated 4 years ago
• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆28Updated 2 years ago
• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 2 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆32Updated last year
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆11Updated 4 years ago
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 3 years ago
• carbonblack / cb-taxii-connector
  Connector for pulling and converting STIX information from TAXII Service Providers into CB Feeds.
  ☆15Updated 2 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆45Updated 2 months ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆51Updated 2 months ago
• ncsa / bro-doctor
  ☆23Updated 4 years ago
• DCSO / balboa
  server for indexing and querying passive DNS observations
  ☆44Updated 7 months ago
• cyphonmdr / cyclops
  ☆38Updated this week
• sealingtech / EDCOP
  Expandable Defensive Cyber Operations Platform
  ☆43Updated last year
• lprat / logstash-plugins
  My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …
  ☆10Updated 5 years ago
• elastic / security-action-examples
  This repository contains a few examples of actions that can be added to rules within Elastic Security.
  ☆22Updated 2 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆15Updated 3 months ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 5 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆21Updated 3 weeks ago
• csirtgadgets / bearded-avenger-deploymentkit
  CIFv3 DeploymentKit
  ☆62Updated 4 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• HKcyberstark / wazuh-ecs
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆27Updated 4 years ago
• SHolzhauer / elastic-tip
  Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common …
  ☆27Updated last month
• secureworks / aristotle
  ☆34Updated last year
• MISP / intelligence-icons
  intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…
  ☆38Updated 5 years ago
• hvandenb / splunk-elasticsearch
  A search command for Splunk which will allow you to search Elastic Search and display the results in the Splunk GUI
  ☆67Updated 7 years ago
• mixmodeai / bro_intel_linter
  Bro Intel Feed Linter
  ☆26Updated 5 years ago
• harvard-itsecurity / qradar-seculert-push
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆17Updated 10 years ago
• 0x4D31 / sqhunter
  ☆66Updated this week