This repository contains a few examples of actions that can be added to rules within Elastic Security.
☆24Feb 6, 2025Updated last year
Alternatives and similar repositories for security-action-examples
Users that are interested in security-action-examples are comparing it to the libraries listed below
Sorting:
- Converts Netwitness log parser configuration to Logstash configuration☆20Sep 10, 2020Updated 5 years ago
- ☆14Feb 18, 2026Updated last week
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆26May 18, 2021Updated 4 years ago
- Parse Suricata rules☆13Aug 1, 2023Updated 2 years ago
- ☆12Apr 23, 2020Updated 5 years ago
- Safed for Linux☆14Jul 5, 2019Updated 6 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Jan 29, 2020Updated 6 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Nov 3, 2025Updated 3 months ago
- REST version of the Spring Petclinic sample application☆19Aug 8, 2024Updated last year
- Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).☆20Jul 1, 2023Updated 2 years ago
- Ansible playbook for installing MineMeld on Linux☆47Mar 18, 2021Updated 4 years ago
- Filebeat module for Squid access.log + Kibana dashboards. ELK 7.x☆17Sep 19, 2020Updated 5 years ago
- NetEye 4 community repository to share monitoring templates, Plugin scripts and instructions to enhance some NetEye modules in an guided …☆18Dec 17, 2025Updated 2 months ago
- A guide on using Zimbra with Elastic Stack using centralized logging☆27Apr 26, 2023Updated 2 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆28Jul 21, 2020Updated 5 years ago
- Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common …☆28Jul 30, 2024Updated last year
- A solution for using the ElastiFlow Unified Collector with the Elastic Stack (Elasticsearch and Kibana).☆25Nov 10, 2025Updated 3 months ago
- The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon…☆12Apr 27, 2023Updated 2 years ago
- ☆33Oct 16, 2025Updated 4 months ago
- A Docker repository to have a simple Caddy+Keeweb+Webdav solution☆14Jul 20, 2024Updated last year
- Mitre ATT&CK and Suricata Rules Automation with AI & LLM☆14Sep 28, 2024Updated last year
- Zeek Training Materials/Products☆41Feb 2, 2026Updated 3 weeks ago
- A command-line tool for debugging JSON logs, built in Go. Logshark integrates seamlessly with Beats and Logstash to provide real-time log…☆41Dec 13, 2022Updated 3 years ago
- A simple Kodi add-on which wraps 'NOW TV Player' to integrate with Kodi.☆13Jan 5, 2024Updated 2 years ago
- Ansible Role to install CheckMK RAW Edition agent☆10Nov 18, 2025Updated 3 months ago
- Stor2rrd Grafan monitoring☆12Jan 8, 2019Updated 7 years ago
- Migrate VMware AVI Virtual Services across Cloud Accounts, VRF Contexts, Service Engine Groups and NSX T1 gateways☆12Dec 15, 2024Updated last year
- ☆13Dec 26, 2022Updated 3 years ago
- Notify Alert to Google Chat Gsuite☆11Mar 31, 2022Updated 3 years ago
- 🪪 Software per l'utilizzo della Carta d'Identità Elettronica Italiana - Accesso ai servizi della PA, firma e verifica di documenti 🇮�…☆15Feb 12, 2026Updated 2 weeks ago
- Alpine Linux - Ansible Contrib Repository☆35Jan 7, 2025Updated last year
- NAPALM driver for Alcatel Lucent Enterprise AOS☆11Apr 27, 2021Updated 4 years ago
- My collection of monitoring plugins for Nagios and similar monitoring systems.☆61May 16, 2020Updated 5 years ago
- SIEM Logstash parsing for more than hundred technologies☆193Feb 20, 2026Updated last week
- Total Anomaly Detection System for software logs and traces☆10Dec 7, 2015Updated 10 years ago
- Proof-of-concept Kodi plugin for Eurosport Player☆10Apr 29, 2023Updated 2 years ago
- Script for cleaning up and archiving mails in Maildir folders based on arival date☆13Aug 1, 2024Updated last year
- Manage MySQL users, databases, schemas, etc.☆13Feb 21, 2026Updated last week
- Bittern Cache uses nvdimm to speed up block io operations☆15Oct 6, 2015Updated 10 years ago