elastic / geneveLinks
☆13Updated this week
Alternatives and similar repositories for geneve
Users that are interested in geneve are comparing it to the libraries listed below
Sorting:
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last month
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- A Python library for handling TAXII Messages invoking TAXII Services.☆72Updated 4 years ago
- OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON☆52Updated last year
- A Python library to help with some common threat hunting data analysis operations☆143Updated 2 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆27Updated 5 years ago
- misp-cloud - Cloud-ready images of MISP☆74Updated 3 years ago
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- ArcSight's Common Event Format library☆39Updated last year
- A simple Docker container that serves the MITRE ATT&CK Navigator web app☆27Updated 2 years ago
- STIX2 graph visualisation library in JS☆91Updated 4 months ago
- ☆28Updated 4 years ago
- Zeek support for Community ID flow hashing.☆37Updated 2 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Updated 5 years ago
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python☆117Updated last year
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- ☆38Updated 11 months ago
- Converts Netwitness log parser configuration to Logstash configuration☆20Updated 5 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago
- TAXII client implementation from EclecticIQ☆103Updated 4 years ago
- Python module to interface with the OpenDNS Investigate API☆64Updated 3 years ago
- ☆38Updated 6 years ago
- OASIS TC Open Repository: Match STIX content against STIX patterns☆46Updated 3 years ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 4 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆17Updated 4 years ago
- Definition, description and relationship types of MISP objects☆101Updated last month
- the fastest way to consume threat intelligence.☆31Updated 2 years ago
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…☆41Updated 6 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆28Updated 5 years ago
- Assemblyline 4 Malware detonation service (Cuckoo)☆17Updated last year