This repository contains a few examples of actions that can be added to rules within Elastic Security.
☆24Feb 6, 2025Updated last year
Alternatives and similar repositories for security-action-examples
Users that are interested in security-action-examples are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- REST version of the Spring Petclinic sample application☆19Aug 8, 2024Updated last year
- Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).☆20Jul 1, 2023Updated 2 years ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆53Mar 9, 2022Updated 4 years ago
- ☆26Mar 5, 2026Updated last month
- ☆41Apr 4, 2026Updated last week
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Converts Netwitness log parser configuration to Logstash configuration☆20Sep 10, 2020Updated 5 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Jan 29, 2020Updated 6 years ago
- A list of Mitre Caldera compatible emulation-plans☆14Feb 1, 2021Updated 5 years ago
- A command-line tool for debugging JSON logs, built in Go. Logshark integrates seamlessly with Beats and Logstash to provide real-time log…☆41Dec 13, 2022Updated 3 years ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆26May 18, 2021Updated 4 years ago
- Parse Suricata rules☆14Aug 1, 2023Updated 2 years ago
- Safed for Linux☆14Jul 5, 2019Updated 6 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Updated this week
- ☆12Apr 23, 2020Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Examples for creating Elastic Environments via Terraform☆27Jan 9, 2024Updated 2 years ago
- Filebeat module for Squid access.log + Kibana dashboards. ELK 7.x☆17Sep 19, 2020Updated 5 years ago
- NetEye 4 community repository to share monitoring templates, Plugin scripts and instructions to enhance some NetEye modules in an guided …☆18Dec 17, 2025Updated 3 months ago
- Zeek Training Materials/Products☆44Mar 28, 2026Updated last week
- ☆32Mar 26, 2026Updated 2 weeks ago
- Docker compose setup of an observability use case. Reporting metrics and traces from a nodejs app to Elasticsearch using APM Server using…☆24Dec 27, 2022Updated 3 years ago
- Plugin files for editing K files☆12Aug 20, 2024Updated last year
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 4 years ago
- Ansible playbook for installing MineMeld on Linux☆47Mar 18, 2021Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- JIRA CLI☆20Sep 16, 2021Updated 4 years ago
- ☆34Oct 16, 2025Updated 5 months ago
- A guide on using Zimbra with Elastic Stack using centralized logging☆27Apr 26, 2023Updated 2 years ago
- Searches For Threat Hunting and Security Analytics☆239Mar 26, 2025Updated last year
- A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, t…☆12Nov 23, 2022Updated 3 years ago
- collector/runner☆64Sep 6, 2025Updated 7 months ago
- A solution for using the ElastiFlow Unified Collector with the Elastic Stack (Elasticsearch and Kibana).☆26Nov 10, 2025Updated 5 months ago
- Meer is a "spooler" for Suricata / Sagan.☆30Jun 21, 2023Updated 2 years ago
- A simple pam account module to process HBAC rules stored on an IPA server☆10May 14, 2018Updated 7 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Dockerfile and artifacts for running a self-contained HDP 2.3 "cluster" in a docker container☆10Aug 30, 2016Updated 9 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15May 18, 2019Updated 6 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Jul 21, 2020Updated 5 years ago
- ☆13Dec 26, 2022Updated 3 years ago
- Experimental library for connecting Arduino boards to Elasticsearch and Elastic Cloud☆13Feb 6, 2025Updated last year
- Faker provider that loads data from your datasets☆19Nov 18, 2025Updated 4 months ago
- A Sigma based detection pipeline☆12Dec 15, 2023Updated 2 years ago