georgestarcher / Splunk-ESIntel-KVStoreLinks
Splunk csv to KVStore ES Threat Intel
☆11Updated 8 years ago
Alternatives and similar repositories for Splunk-ESIntel-KVStore
Users that are interested in Splunk-ESIntel-KVStore are comparing it to the libraries listed below
Sorting:
- ☆55Updated 3 years ago
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Updated 6 years ago
- Sysmon Splunk App☆47Updated 6 years ago
- Network Forensics Bro scripts & pcap samples☆62Updated 11 years ago
- Allows for MAC address to vendor mapping in Splunk☆16Updated last year
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 3 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago
- Example Splunk Alert Scripts☆20Updated 10 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 4 years ago
- Carbon Black Feeds☆72Updated 2 years ago
- ☆49Updated 4 years ago
- Powershell Functions to interact with TheHive-Project☆10Updated 5 years ago
- Security Onion Splunk App☆10Updated 10 years ago
- MineMeld nodes for MISP☆19Updated last year
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- Report Generation from the Carbon Black REST API☆15Updated 3 years ago
- Python library for the ArcSight logger REST API☆27Updated 3 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- ☆39Updated 5 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- Beholder is a shell script which installs and configures essentials to peer into your network activity.☆19Updated 7 years ago
- Command line interface to Carbon Black Response☆38Updated 5 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago
- A Splunk app to use MISP in background☆110Updated this week
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- Red Canary Carbon Black API☆20Updated 9 years ago
- QRadar Export the rule set for printing☆22Updated 7 years ago
- Bringing DevOps to Forensics☆34Updated 10 years ago