Alternatives and similar repositories for audisp-cef:

Users that are interested in audisp-cef are comparing it to the libraries listed below

• gdestuynder / audisp-json
  ☆42Updated 4 years ago
• ukncsc / stix-cvebuilder
  CVE Builder script that generates STIX formatted Exploit Target objects
  ☆18Updated 8 years ago
• beave / meer
  Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.
  ☆23Updated 3 years ago
• JustinAzoff / flow-indexer
  Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
  ☆44Updated 8 months ago
• t2mune / nield
  A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.
  ☆32Updated 3 months ago
• stevegrubb / security-assessor
  This is a set of scripts that scan a Linux system looking for security and robustness problems.
  ☆16Updated 2 months ago
• ikoniaris / thug-vagrant
  Vagrant configuration to setup a Thug honeyclient VM
  ☆20Updated 9 years ago
• kost / docker-cowrie
  A Docker container for Cowrie - SSH honeypot based on kippo
  ☆10Updated 9 years ago
• jandre / brosquery
  module for osquery to load Bro logs into tables
  ☆28Updated 9 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• PingTrip / broctl-setcap
  Broctl plugin for automatically executing 'setcap' on each node after an install
  ☆13Updated 4 years ago
• ministryofpromise / splunk2resilient
  splunk alert script to create resilient tickets
  ☆10Updated 8 years ago
• DCSO / slinkwatch
  automatic enumeration and maintenance of Suricata monitoring interfaces
  ☆11Updated 5 years ago
• MISP / ansible
  MISP - Ansible installation script
  ☆22Updated 5 years ago
• mixmodeai / bro_amqp_plugin
  PacketSled's Bro AMQP Writer Plugin
  ☆11Updated 8 years ago
• gamelinux / activedns
  An active domain name query tool to help keep track of domain name movements...
  ☆15Updated 3 years ago
• fygrave / ndf
  Network Defender Toolkit
  ☆18Updated 11 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆47Updated 6 years ago
• EricGershman / auditd-examples
  Collection of Auditd Examples and Presentations
  ☆82Updated 4 years ago
• adulau / passive-dns-atlas
  Passive DNS collection (and statistics) from RIPE Atlas Sensors
  ☆19Updated 7 years ago
• JustinAzoff / can-i-use-afpacket-fanout
  Validate if afpacket PACKET_FANOUT_HASH is working properly
  ☆25Updated 2 years ago
• alexwebr / sshflow
  Proof-of-concept that makes a guess at what applications are being tunneled through an SSH session. It works primarily by analyzing packe…
  ☆10Updated 11 years ago
• alphagov / puppet-auditd
  Puppet module for Auditd
  ☆40Updated 4 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• chrismarget / cisco-l2t
  Library and example applications for using/abusing the information-leaky L2Trace service on Cisco switches. PSIRT Advisory: cisco-sa-2019…
  ☆3Updated last year
• djcas9 / bro.vim
  bro.vim - A simple plugin for working with the bro scripting languages.
  ☆22Updated 5 years ago
• mricon / wotmate
  Web of trust grapher
  ☆39Updated 10 months ago
• mixmodeai / bro_intel_linter
  Bro Intel Feed Linter
  ☆26Updated 5 years ago
• juergh / lqs2mem
  Convert libvirt-QEMU-save (LQS) files to raw memory files
  ☆37Updated last year
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 7 years ago