grafana / pySigma-backend-loki
pySigma backend for generating Grafana Loki/LogQL rules
☆49, updated last week
Alternatives and similar repositories for pySigma-backend-loki
Users that are interested in pySigma-backend-loki are comparing it to the libraries listed below
- Helm charts for running open source digital forensic tools in Kubernetes (☆173, updated this week)
- Production-ready detection & response queries for osquery (☆596, updated 4 months ago)
- A curated list of resources about detecting threats and defending Kubernetes systems. (☆399, updated 2 years ago)
- Falco rule repository (☆149, updated this week)
- Transform Linux Audit logs for SIEM usage (☆804, updated 2 months ago)
- This is a collection of threat detection rules / rules engines that I have come across. (☆298, updated last year)
- A standard for reducing log volume without sacrificing analytical capability (☆213, updated 9 months ago)
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident… (☆495, updated 2 weeks ago)
- SOARCA - The Open Source CACAO-based Security Orchestrator! (☆100, updated 3 months ago)
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre… (☆680, updated 2 months ago)
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … (☆286, updated last year)
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … (☆132, updated last year)
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. (☆335, updated 7 months ago)
- An implementation of a Windows Event Collector server running on GNU/Linux. (☆84, updated last month)
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr… (☆239, updated last month)
- CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known… (☆265, updated 3 weeks ago)
- Generate datasets of cloud audit logs for common attacks (☆226, updated last year)
- Docker image for MISP (☆135, updated 2 weeks ago)
- Curating Falco rules with MITRE ATT&CK Matrix (☆86, updated last year)
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) (☆223, updated last year)
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine) (☆506, updated this week)
- Tool for building Kubernetes attack paths (☆924, updated 3 weeks ago)
- The Sigma command line interface based on pySigma (☆166, updated last week)
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments. (☆290, updated last year)
- 🧰 Multi Tool Kubernetes Pentest Image (☆249, updated 3 months ago)
- Deep Linux runtime visibility meets Wireshark (☆293, updated last month)
- Awesome Incident Response (☆283, updated 2 months ago)
- Halberd : Multi-Cloud Agentic Attack Tool (☆323, updated last month)
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. (☆81, updated last year)
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… (☆167, updated this week)