elastic/security-action-examples external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

elastic/security-action-examples

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/elastic/security-action-examples)

Close

elastic / security-action-examplesView on GitHubMore

• External links
• Readme badge

This repository contains a few examples of actions that can be added to rules within Elastic Security.

☆24Feb 6, 2025Updated last year

Alternatives and similar repositories for security-action-examples

Users that are interested in security-action-examples are comparing it to the libraries listed below

• blookot / rsa2elk

  View on GitHub
  Converts Netwitness log parser configuration to Logstash configuration
  ☆20Sep 10, 2020Updated 5 years ago
• elastic / cortado

  View on GitHub
  ☆14Feb 18, 2026Updated last week
• Nclose-ZA / elastalert_hive_alerter

  View on GitHub
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆26May 18, 2021Updated 4 years ago
• theY4Kman / parsuricata

  View on GitHub
  Parse Suricata rules
  ☆13Aug 1, 2023Updated 2 years ago
• ipworkx / ecs-suricata

  View on GitHub
  ☆12Apr 23, 2020Updated 5 years ago
• WuerthPhoenix / safed

  View on GitHub
  Safed for Linux
  ☆14Jul 5, 2019Updated 6 years ago
• aacgood / Cortex-Analyzers

  View on GitHub
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Jan 29, 2020Updated 6 years ago
• corelight / ecs-mapping

  View on GitHub
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33Nov 3, 2025Updated 3 months ago
• elastic / spring-petclinic

  View on GitHub
  REST version of the Spring Petclinic sample application
  ☆19Aug 8, 2024Updated last year
• ElasticSA / elsec_dr2an

  View on GitHub
  Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
  ☆20Jul 1, 2023Updated 2 years ago
• PaloAltoNetworks / minemeld-ansible

  View on GitHub
  Ansible playbook for installing MineMeld on Linux
  ☆47Mar 18, 2021Updated 4 years ago
• molu8bits / squid-filebeat-kibana

  View on GitHub
  Filebeat module for Squid access.log + Kibana dashboards. ELK 7.x
  ☆17Sep 19, 2020Updated 5 years ago
• zampat / neteye4

  View on GitHub
  NetEye 4 community repository to share monitoring templates, Plugin scripts and instructions to enhance some NetEye modules in an guided …
  ☆18Dec 17, 2025Updated 2 months ago
• Zimbra / elastic-stack

  View on GitHub
  A guide on using Zimbra with Elastic Stack using centralized logging
  ☆27Apr 26, 2023Updated 2 years ago
• HKcyberstark / wazuh-ecs

  View on GitHub
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆28Jul 21, 2020Updated 5 years ago
• SHolzhauer / elastic-tip

  View on GitHub
  Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common …
  ☆28Jul 30, 2024Updated last year
• elastiflow / elastiflow_for_elasticsearch

  View on GitHub
  A solution for using the ElastiFlow Unified Collector with the Elastic Stack (Elasticsearch and Kibana).
  ☆25Nov 10, 2025Updated 3 months ago
• awais922609 / Lets-Defend-Solutions

  View on GitHub
  The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon…
  ☆12Apr 27, 2023Updated 2 years ago
• SimoneCagol / sigma-rules-crawler

  View on GitHub
  ☆33Oct 16, 2025Updated 4 months ago
• slurdge / docker-keewebdav

  View on GitHub
  A Docker repository to have a simple Caddy+Keeweb+Webdav solution
  ☆14Jul 20, 2024Updated last year
• hellocosmos / mitre-attck-suricata-automation

  View on GitHub
  Mitre ATT&CK and Suricata Rules Automation with AI & LLM
  ☆14Sep 28, 2024Updated last year
• zeek / zeek-training

  View on GitHub
  Zeek Training Materials/Products
  ☆41Feb 2, 2026Updated 3 weeks ago
• ugosan / logshark

  View on GitHub
  A command-line tool for debugging JSON logs, built in Go. Logshark integrates seamlessly with Beats and Logstash to provide real-time log…
  ☆41Dec 13, 2022Updated 3 years ago
• darkarnium / plugin.video.nowtv

  View on GitHub
  A simple Kodi add-on which wraps 'NOW TV Player' to integrate with Kodi.
  ☆13Jan 5, 2024Updated 2 years ago
• kso512 / checkmk_agent

  View on GitHub
  Ansible Role to install CheckMK RAW Edition agent
  ☆10Nov 18, 2025Updated 3 months ago
• gleeman2 / Graph-RRD

  View on GitHub
  Stor2rrd Grafan monitoring
  ☆12Jan 8, 2019Updated 7 years ago
• harikrishnant / VMware-AVI-Virtual-Service-Migrator

  View on GitHub
  Migrate VMware AVI Virtual Services across Cloud Accounts, VRF Contexts, Service Engine Groups and NSX T1 gateways
  ☆12Dec 15, 2024Updated last year
• cloudmesh / cloudmesh1

  View on GitHub
  ☆13Dec 26, 2022Updated 3 years ago
• drwestt / Nagios2GoogleChat

  View on GitHub
  Notify Alert to Google Chat Gsuite
  ☆11Mar 31, 2022Updated 3 years ago
• M0Rf30 / cie-middleware-linux

  View on GitHub
  🪪 Software per l'utilizzo della Carta d'Identità Elettronica Italiana - Accesso ai servizi della PA, firma e verifica di documenti 🇮�…
  ☆15Feb 12, 2026Updated 2 weeks ago
• fabaff / alpine-ansible

  View on GitHub
  Alpine Linux - Ansible Contrib Repository
  ☆35Jan 7, 2025Updated last year
• napalm-automation-community / napalm-aos

  View on GitHub
  NAPALM driver for Alcatel Lucent Enterprise AOS
  ☆11Apr 27, 2021Updated 4 years ago
• MonitoringPlug / monitoringplug

  View on GitHub
  My collection of monitoring plugins for Nagios and similar monitoring systems.
  ☆61May 16, 2020Updated 5 years ago
• Cargill / OpenSIEM-Logstash-Parsing

  View on GitHub
  SIEM Logstash parsing for more than hundred technologies
  ☆193Feb 20, 2026Updated last week
• sshahriyar / totalads

  View on GitHub
  Total Anomaly Detection System for software logs and traces
  ☆10Dec 7, 2015Updated 10 years ago
• jamesremuscat / plugin.video.eurosport2

  View on GitHub
  Proof-of-concept Kodi plugin for Eurosport Player
  ☆10Apr 29, 2023Updated 2 years ago
• ehaupt / cleanup-maildir

  View on GitHub
  Script for cleaning up and archiving mails in Maildir folders based on arival date
  ☆13Aug 1, 2024Updated last year
• nakamasato / mysql-operator

  View on GitHub
  Manage MySQL users, databases, schemas, etc.
  ☆13Feb 21, 2026Updated last week
• twitter-archive / bittern

  View on GitHub
  Bittern Cache uses nvdimm to speed up block io operations
  ☆15Oct 6, 2015Updated 10 years ago