georgestarcher / Splunk-ESIntel-KVStoreLinks
Splunk csv to KVStore ES Threat Intel
☆11Updated 9 years ago
Alternatives and similar repositories for Splunk-ESIntel-KVStore
Users that are interested in Splunk-ESIntel-KVStore are comparing it to the libraries listed below
Sorting:
- ☆55Updated 3 years ago
- Carbon Black Feeds☆73Updated 2 years ago
- InvestigationPlaybookSpec☆72Updated 8 years ago
- Network Forensics Bro scripts & pcap samples☆63Updated 11 years ago
- ☆50Updated 5 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 6 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs☆69Updated 4 years ago
- Sysmon Splunk App☆47Updated 7 years ago
- Imports Alienvault OTX pulses to a MISP instance☆53Updated 4 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 8 years ago
- the fastest way to consume threat intelligence.☆31Updated 2 years ago
- An OpenTAXII Configuration for MISP☆84Updated 3 years ago
- A Splunk app to use MISP in background☆111Updated last week
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20Updated 3 years ago
- A utility repo to assist with converting between MISP and STIX formats☆69Updated 4 years ago
- Python library for the ArcSight logger REST API☆27Updated 4 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 5 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆40Updated 3 years ago
- The Bro/Zeek language cheat sheet☆53Updated 12 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated last month
- Volatility plugins developed and maintained by the community☆21Updated last year
- misp-cloud - Cloud-ready images of MISP☆74Updated 3 years ago
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Updated 6 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆23Updated 6 years ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 4 years ago
- QRadar Export the rule set for printing☆23Updated 8 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆43Updated 9 years ago