jay-johnson / spylunking
Drill down into your python logs using JSON logs stored in Splunk - supports sending over TCP or the Splunk HEC REST API handlers (using threads or multiprocessing) - includes a pre-configured Splunk sandbox in a docker container
☆12Updated 2 years ago
Alternatives and similar repositories for spylunking:
Users that are interested in spylunking are comparing it to the libraries listed below
- Repository for lab materials for the Advanced Cloud Security and Applied DevSecOps training class.☆11Updated 5 years ago
- Notebook collection☆10Updated 6 years ago
- Data Governance app for Splunk☆12Updated last year
- A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform☆12Updated 3 years ago
- ☆30Updated 6 years ago
- Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets☆31Updated 10 months ago
- Materials for the BSides NoVA/Charleston 2018 Bro Workshop☆14Updated 3 weeks ago
- Finding Valuable Needles in Global Source Code Haystacks with Automation☆17Updated 4 years ago
- REST API test utility☆22Updated 5 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 6 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 5 months ago
- Convert Sigma Rules to different formats☆11Updated 7 months ago
- Python module for evaluation of AWS account best practices around incident handling readieness.☆55Updated 4 years ago
- ☆11Updated 7 years ago
- Python code shared by Scout2 and AWS-Recipes☆24Updated 6 years ago
- ☆25Updated 6 years ago
- S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis☆12Updated 3 weeks ago
- For use in our Tenable.IO to AWS Security Hub integration☆28Updated 2 weeks ago
- AWS infrastructure for Cyber Hygiene and BOD 18-01 scanning☆20Updated last week
- Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and s…☆19Updated last month
- The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository☆10Updated 3 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 4 years ago
- ☆82Updated 5 years ago
- Infrastructure code to run notebooks on some EC2 nodes☆10Updated 6 years ago
- Tools to automate AWS Cloud security assessments☆24Updated 5 years ago
- Python bindings for Yeti's API☆18Updated last year
- Python tool build around GreyNoise's alpha/public API☆11Updated 6 years ago
- Move frozen buckets to AWS S3 (and ultimately Glacier) for long term storage☆12Updated 7 years ago
- Sample code snippets for consuming the CloudSploit API☆13Updated last year
- An example of a vulnerable slack bot that runs in AWS lambda.☆19Updated 7 years ago