Alternatives and similar repositories for audisp-cef

Users that are interested in audisp-cef are comparing it to the libraries listed below

• gdestuynder / audisp-json
  ☆41Updated 4 years ago
• ikoniaris / thug-vagrant
  Vagrant configuration to setup a Thug honeyclient VM
  ☆20Updated 10 years ago
• ukncsc / stix-cvebuilder
  CVE Builder script that generates STIX formatted Exploit Target objects
  ☆18Updated 8 years ago
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 7 years ago
• hillar / vagrant_moloch_bro_suricata
  vagrant multi-machine: Moloch, Bro,Suricata,ElasticSearch,Kibana
  ☆41Updated 10 years ago
• beave / meer
  Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.
  ☆23Updated 4 years ago
• JustinAzoff / flow-indexer
  Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
  ☆44Updated last year
• mricon / wotmate
  Web of trust grapher
  ☆38Updated 2 weeks ago
• alphagov / puppet-auditd
  Puppet module for Auditd
  ☆40Updated 4 years ago
• zeek / time-machine
  Time-Machine Dynamic Bulk Packet Recorder
  ☆36Updated 2 months ago
• Security-Onion-Solutions / securityonion-bro-scripts
  ☆24Updated 5 years ago
• automayt / FlowPlotter
  Generates visualizations from the output of flow tools such as SiLK.
  ☆35Updated 8 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• t2mune / nield
  A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.
  ☆32Updated 8 months ago
• mozilla / build-fwunit
  INACTIVE - http://mzl.la/ghe-archive - Unit Tests for your Network -
  ☆44Updated 6 years ago
• csirtgadgets / cif-v1
  DEPRECATED USE v3!
  ☆59Updated 9 years ago
• mitre / multiscanner-ansible
  Ansible configurations for distributed MultiScanner installations
  ☆14Updated 6 years ago
• PingTrip / broctl-setcap
  Broctl plugin for automatically executing 'setcap' on each node after an install
  ☆13Updated 4 years ago
• jandre / brosquery
  module for osquery to load Bro logs into tables
  ☆28Updated 10 years ago
• tribalchicken / postfix-cuckoolyse
  A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox
  ☆11Updated 9 years ago
• kost / docker-moloch
  A Docker container for Moloch based on minimal Debian
  ☆26Updated 9 years ago
• StamusNetworks / ansible-misp
  Ansible playbook to install Malware Information Sharing Platform (MISP)
  ☆17Updated 10 years ago
• zeek / zeek-sublime
  Zeek scripting language highlighting/support for Sublime Text
  ☆19Updated 3 years ago
• MISP / ansible
  MISP - Ansible installation script
  ☆22Updated 6 years ago
• TOoSmOotH / onionsalt
  Onion Salt git Repo
  ☆28Updated 4 years ago
• g-clef / KafkaLogger
  Logging plugin to bro to send logs to a Kafka broker
  ☆20Updated 7 years ago
• kost / docker-cowrie
  A Docker container for Cowrie - SSH honeypot based on kippo
  ☆10Updated 10 years ago
• plashchynski / viewssld
  viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…
  ☆74Updated 7 years ago
• thechrisharrod / Bloodhound
  Find permanent WMI event consumers on endpoints that could be used by APT actors.
  ☆17Updated 9 years ago
• fygrave / iocmap
  Indicator of Compromise Mapping Service
  ☆12Updated 11 years ago