guillain / LogStash-confLinks
Configuration of LogStash (and Filebeat) for Analytics treatment.
☆16Updated 7 years ago
Alternatives and similar repositories for LogStash-conf
Users that are interested in LogStash-conf are comparing it to the libraries listed below
Sorting:
- Kibana 7 Templates for Suricata IDPS Threat Hunting☆43Updated last month
- Our collection of Wazuh detection rules for our Offense Lab☆16Updated 3 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆28Updated 5 years ago
- Installation script for ELK stack to make life easy.☆69Updated 5 years ago
- Collection of Suricata rule sets that I use modified to my environments.☆40Updated 5 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆70Updated 4 years ago
- The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap)…☆44Updated last year
- tshark + ELK analytics virtual machine☆69Updated 9 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆37Updated 3 years ago
- This repository contains advanced threat hunting scripts for Cisco Secure Endpoint API. The scripts leverage the AMP API to hunt for thre…☆14Updated 4 months ago
- Scripts to automatically import threat intel into QRadar☆14Updated 6 years ago
- collector/runner☆65Updated 2 months ago
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆19Updated 6 years ago
- Kibana 6 Templates for Suricata IDPS Threat Hunting☆24Updated 6 years ago
- Quickly generate suricata rules for IOCs☆28Updated 4 years ago
- Alert notification plugin for Graylog to generate log messages from alerts☆26Updated 2 months ago
- Wazuh integration TheHive☆40Updated 2 years ago
- An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.☆17Updated 4 years ago
- A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.☆55Updated 3 years ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆141Updated 9 months ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 4 years ago
- Snort IDS/IPS log analytics using the Elastic Stack.☆87Updated 4 years ago
- Useful scripts for those administering Wazuh☆87Updated last week
- Example Suricata rules implementing some of my detection tactics☆22Updated 2 years ago
- PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset☆22Updated 3 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆63Updated 3 years ago
- OwlH Master API☆24Updated 6 months ago
- Elastic Beat for fetching and shipping Office 365 audit events☆68Updated 5 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago