jay-johnson / spylunking
Drill down into your python logs using JSON logs stored in Splunk - supports sending over TCP or the Splunk HEC REST API handlers (using threads or multiprocessing) - includes a pre-configured Splunk sandbox in a docker container
☆12Updated 2 years ago
Alternatives and similar repositories for spylunking:
Users that are interested in spylunking are comparing it to the libraries listed below
- Data Governance app for Splunk☆12Updated last year
- Move frozen buckets to AWS S3 (and ultimately Glacier) for long term storage☆12Updated 7 years ago
- ☆25Updated 6 years ago
- Notebook collection☆10Updated 6 years ago
- S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis☆12Updated last month
- Python code shared by Scout2 and AWS-Recipes☆24Updated 6 years ago
- ☆30Updated 6 years ago
- Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and s…☆19Updated 2 months ago
- Script to retrieve the list of AWS Services and their one-line descriptions☆38Updated 4 years ago
- The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository☆10Updated 3 years ago
- A Lambda-powered Security Orchestration framework for AWS GuardDuty☆52Updated 5 years ago
- This script is used to generate some basic detections of the aws security services☆71Updated 3 years ago
- ☆18Updated 6 years ago
- ☆13Updated 5 years ago
- notes on configuring aws organizations☆11Updated 8 years ago
- Following repository contains source codes used in my two Books.☆11Updated 9 years ago
- Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)☆52Updated 2 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 5 years ago
- Materials for the BSides NoVA/Charleston 2018 Bro Workshop☆14Updated last month
- A few quick recipes for those that do not have much time during the day☆22Updated 5 months ago
- Python logging handler for sending logs to Splunk Enterprise☆57Updated 11 months ago
- Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets☆31Updated 11 months ago
- Manage GuardDuty At Enterprise Scale☆22Updated 4 years ago
- Splunk scripted input for opening a backconnect shell on a remote forwarder☆45Updated 4 years ago
- defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events☆16Updated 2 years ago
- Documentation used for Shuffle☆19Updated 3 weeks ago
- his solution helps customers more easily manage their fleet of servers, automate software inventory management, OS patch compliance, and …☆29Updated last year
- Python module for evaluation of AWS account best practices around incident handling readieness.☆55Updated 4 years ago
- A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform☆12Updated 3 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 6 years ago