humio / python-humio

Related projects ⓘ

Alternatives and complementary repositories for python-humio

• kolide / docker-osquery
  Dockerfiles for containerized osquery
  ☆13Updated 7 years ago
• kolide / osquery-starter-kit
  A starter-kit for a source-controlled, CLI-based osquery management workflow.
  ☆30Updated 6 years ago
• OktaSecurityLabs / sgt
  Osquery Mangement Server
  ☆114Updated 4 years ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆11Updated 4 years ago
• CrowdStrike / FDR
  Falcon Data Replicator
  ☆30Updated 7 months ago
• vmware-archive / cb-reporting
  Report Generation from the Carbon Black REST API
  ☆15Updated 2 years ago
• CrowdStrike / falcon-integration-gateway
  Falcon Integration Gateway (FIG)
  ☆18Updated last month
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆52Updated last week
• 0xdefendA / defenda-data-lake
  defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events
  ☆16Updated last year
• paragbaxi / qualysapi
  Qualys API connector.
  ☆103Updated 3 months ago
• CrowdStrike / caracara
  Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK
  ☆36Updated last week
• ncsa / bro-doctor
  ☆23Updated 4 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 weeks ago
• carbonblack / cbfeeds
  Carbon Black Feeds
  ☆70Updated last year
• mikermcneil / fleet-osquery-in-a-box
  Simple Docker-based quickstart for osquery, Fleet, and ELK stack
  ☆60Updated last year
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆76Updated 4 years ago
• duosecurity / duo_log_sync
  ☆37Updated 2 weeks ago
• ocsf / examples
  This repo contains example of raw event examples and possible translations to the OCSF schema.
  ☆33Updated 2 weeks ago
• Netflix-Skunkworks / cloudtrail-anomaly
  ☆82Updated 4 years ago
• TITO-Threat-Intel / TITO-Framework
  TITO is a light framework for operationalizing threat intelligence that is platform and data agnostic.
  ☆20Updated 4 years ago
• spotify / terraform-google-grr
  A Terraform module for GRR: the distributed incident forensics and response framework
  ☆51Updated 4 years ago
• carbonblack / cb-event-forwarder
  Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.
  ☆73Updated 6 months ago
• chronicle / api-samples-python
  Python samples and utilities for Chronicle APIs
  ☆77Updated this week
• swimlane / swimlane-python
  🐍 Official Python client for the Swimlane API
  ☆33Updated last month
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆19Updated 2 years ago
• zach-taylor / splunk_handler
  Python logging handler for sending logs to Splunk Enterprise
  ☆55Updated 6 months ago
• carbonblack / cbc-syslog
  Syslog Connector for the Carbon Black Cloud
  ☆28Updated last month