elastic / security-action-examplesLinks
This repository contains a few examples of actions that can be added to rules within Elastic Security.
☆22Updated 6 months ago
Alternatives and similar repositories for security-action-examples
Users that are interested in security-action-examples are comparing it to the libraries listed below
Sorting:
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- SIEM Logstash parsing for more than hundred technologies☆187Updated 2 weeks ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated 2 months ago
- Converts Netwitness log parser configuration to Logstash configuration☆20Updated 4 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated last week
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high…☆57Updated 3 weeks ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆154Updated 5 months ago
- Splunk App for Linux Auditd☆57Updated 4 years ago
- Splunk Connect for Syslog☆166Updated last week
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 5 years ago
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆116Updated last week
- Log examples of vCenter Server Authentication & Authorization activities☆17Updated 6 years ago
- Wazuh - Splunk App☆56Updated 11 months ago
- Open source endpoint agent providing host information to Zeek. [v2]☆85Updated last week
- ☆127Updated last year
- Splunk Admins application to assist with troubleshooting Splunk enterprise installations☆96Updated 2 weeks ago
- Splunk Content Control Tool☆116Updated this week
- App examples for Splunk Enterprise☆147Updated this week
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆189Updated 4 years ago
- The Sigma command line interface based on pySigma☆158Updated 2 weeks ago
- Alert Wizard plugin for Graylog to manage the alert rules☆49Updated last month
- Home for Splunk security datasets.☆125Updated 5 years ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 4 years ago
- OSSEM Detection Model☆177Updated 2 years ago
- Data validator agains Splunk Common Information Model (CIM)☆76Updated last year
- A Dynamic test tool for Splunk Technology Add-ons☆64Updated last week
- ☆25Updated this week
- Alert notification plugin for Graylog to generate log messages from alerts☆26Updated last month
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago