elastic/security-action-examples external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

elastic/security-action-examples

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/elastic/security-action-examples)

Close

elastic / security-action-examplesView on GitHubMore

• External links
• Readme badge

This repository contains a few examples of actions that can be added to rules within Elastic Security.

☆24Feb 6, 2025Updated last year

Alternatives and similar repositories for security-action-examples

Users that are interested in security-action-examples are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• elastic / spring-petclinic

  View on GitHub
  REST version of the Spring Petclinic sample application
  ☆19Aug 8, 2024Updated last year
• ElasticSA / elsec_dr2an

  View on GitHub
  Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
  ☆19Jul 1, 2023Updated 2 years ago
• elastic / ecs-mapper

  View on GitHub
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆53Mar 9, 2022Updated 4 years ago
• elastic / cortado

  View on GitHub
  ☆26Jun 3, 2026Updated last week
• blookot / rsa2elk

  View on GitHub
  Converts Netwitness log parser configuration to Logstash configuration
  ☆20Sep 10, 2020Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• emulation-plans / emulation-plans

  View on GitHub
  A list of Mitre Caldera compatible emulation-plans
  ☆14Feb 1, 2021Updated 5 years ago
• ugosan / logshark

  View on GitHub
  A command-line tool for debugging JSON logs, built in Go. Logshark integrates seamlessly with Beats and Logstash to provide real-time log…
  ☆40Dec 13, 2022Updated 3 years ago
• elastic / workflows

  View on GitHub
  ☆51Jun 3, 2026Updated last week
• Nclose-ZA / elastalert_hive_alerter

  View on GitHub
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆26May 18, 2021Updated 5 years ago
• theY4Kman / parsuricata

  View on GitHub
  Parse Suricata rules
  ☆14Aug 1, 2023Updated 2 years ago
• WuerthPhoenix / safed

  View on GitHub
  Safed for Linux
  ☆14Jul 5, 2019Updated 6 years ago
• corelight / ecs-mapping

  View on GitHub
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33May 23, 2026Updated 2 weeks ago
• ipworkx / ecs-suricata

  View on GitHub
  ☆12Apr 23, 2020Updated 6 years ago
• blookot / elastic-releases

  View on GitHub
  Listing releases of the Elastic stack with new features and references
  ☆19May 7, 2026Updated last month
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• elastic / genai-workshop-colab

  View on GitHub
  Elastic GenAI Workshop (Colab)
  ☆12Feb 6, 2025Updated last year
• zampat / neteye4

  View on GitHub
  NetEye 4 community repository to share monitoring templates, Plugin scripts and instructions to enhance some NetEye modules in an guided …
  ☆18Dec 17, 2025Updated 5 months ago
• zeek / zeek-training

  View on GitHub
  Zeek Training Materials/Products
  ☆44Apr 21, 2026Updated last month
• elastic / synthetics-recorder

  View on GitHub
  ☆32Apr 30, 2026Updated last month
• j91321 / ansible-role-auditbeat

  View on GitHub
  Ansible role to install auditbeat for security monitoring. (Ruleset included)
  ☆15Nov 16, 2023Updated 2 years ago
• elastic / ecs-logging-go-zerolog

  View on GitHub
  Elastic Common Schema (ECS) support for zerolog
  ☆11May 28, 2026Updated last week
• HKcyberstark / TI_Mod

  View on GitHub
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19May 11, 2021Updated 5 years ago
• elastic / opbeans-frontend

  View on GitHub
  ☆12May 24, 2026Updated 2 weeks ago
• PaloAltoNetworks / minemeld-ansible

  View on GitHub
  Ansible playbook for installing MineMeld on Linux
  ☆47Mar 18, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• adafruit / Raspberry_Pi_SQLite_Sensors

  View on GitHub
  Code for the Raspberry Pi SQLite Sensors video series.
  ☆13Jun 25, 2016Updated 9 years ago
• StevenACoffman / jt

  View on GitHub
  JIRA CLI
  ☆20Sep 16, 2021Updated 4 years ago
• randomuserid / Adama

  View on GitHub
  Searches For Threat Hunting and Security Analytics
  ☆239Mar 26, 2025Updated last year
• olegzhr / altprobe

  View on GitHub
  collector
  ☆64May 15, 2026Updated 3 weeks ago
• elastiflow / elastiflow_for_elasticsearch

  View on GitHub
  A solution for using the ElastiFlow Unified Collector with the Elastic Stack (Elasticsearch and Kibana).
  ☆26Nov 10, 2025Updated 6 months ago
• edmocosta / tuistash

  View on GitHub
  A Terminal User Interface for Logstash 🪵
  ☆109Apr 10, 2026Updated last month
• davidrecordon / terraform-aws-kolide-fleet

  View on GitHub
  Deploy Kolide's Fleet into AWS using Terraform.
  ☆16Apr 18, 2018Updated 8 years ago
• ExamProCo / gen-ai-training-day-workshops

  View on GitHub
  This repo contains the workshops for the GenAI Training Day.
  ☆15Nov 15, 2024Updated last year
• jonny-jhnson / Automated-Detection-Pipeline

  View on GitHub
  ☆16Dec 16, 2020Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• randerzander / docker-ambari

  View on GitHub
  Dockerfile and artifacts for running a self-contained HDP 2.3 "cluster" in a docker container
  ☆10Aug 30, 2016Updated 9 years ago
• akky2892 / Cyber-Threat-Hunting

  View on GitHub
  Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…
  ☆15May 18, 2019Updated 7 years ago
• HKcyberstark / wazuh-ecs

  View on GitHub
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆28Jul 21, 2020Updated 5 years ago
• elastic / elastic-otel-java

  View on GitHub
  ☆34Updated this week
• elastic / elasticsearch-arduino

  View on GitHub
  Experimental library for connecting Arduino boards to Elasticsearch and Elastic Cloud
  ☆13Feb 6, 2025Updated last year
• devops-ia / helm-opencti

  View on GitHub
  Helm chart for Open Cyber Threat Intelligence Platform
  ☆35Updated this week
• elastic / faker-datasets

  View on GitHub
  Faker provider that loads data from your datasets
  ☆19Nov 18, 2025Updated 6 months ago