Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
☆87May 8, 2025Updated 10 months ago
Alternatives and similar repositories for qradar
Users that are interested in qradar are comparing it to the libraries listed below
Sorting:
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆40May 18, 2022Updated 3 years ago
- Using QRadar API☆20Feb 23, 2018Updated 8 years ago
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM☆16Jan 30, 2026Updated last month
- NHSuite allows users to efficiently manage their QRadar Network Hierarchy. Utilizing the provided QRadar API, users can seamlessly export…☆26Jan 22, 2024Updated 2 years ago
- QRadar Export the rule set for printing☆23Oct 23, 2017Updated 8 years ago
- Monitor device events using QRadar☆22Sep 17, 2025Updated 5 months ago
- 🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS …☆14Mar 27, 2024Updated last year
- These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.☆51Updated this week
- Scripts to automatically import threat intel into QRadar☆14Jun 20, 2019Updated 6 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs☆69Aug 13, 2021Updated 4 years ago
- IBM QRadar Ansible Collection☆25Mar 2, 2026Updated last week
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …☆10Jul 26, 2019Updated 6 years ago
- Integrate IBM QRadar and RPA to automate security L1 tasks.☆14May 20, 2022Updated 3 years ago
- Source code for IBM SOAR Apps that are available on our App Exchange☆93Feb 20, 2026Updated 2 weeks ago
- Resilient Automation Functions and Scripts☆15Jan 5, 2022Updated 4 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.☆59Jun 11, 2019Updated 6 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆34Apr 20, 2023Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 4 years ago
- QRadar Sample Apps for use with V2 of the QRadar App Framework☆23Sep 17, 2025Updated 5 months ago
- Developer documentation for Resilient APIs☆25Jan 6, 2025Updated last year
- Content for cyber defense course☆14Oct 15, 2014Updated 11 years ago
- This powerbi dashboards will help the Security team to analyze KBs, delivered monthly by Microsoft☆14Mar 9, 2022Updated 4 years ago
- Kestrel Jupyter Notebook Kernel☆10Oct 19, 2023Updated 2 years ago
- Snort 2.9.8.x on Ubuntu 16 LTS with Barnyard2, PulledPork, and Snorby☆11Apr 10, 2016Updated 9 years ago
- IBM QRadar opinionated API client in Go☆12Mar 15, 2023Updated 2 years ago
- ☆58Sep 17, 2025Updated 5 months ago
- BLACK ESK SIEM is a SIEM platform built with Elasticsearch, Syslog-Ng and Kibana☆28Mar 4, 2023Updated 3 years ago
- Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook☆54May 24, 2020Updated 5 years ago
- Samples of visualization add-ons to QRadar, utilizing public REST APIs☆33May 17, 2016Updated 9 years ago
- A SIEM inspired by HECTOR, built on Django.☆27Apr 16, 2019Updated 6 years ago
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆42Jun 27, 2021Updated 4 years ago
- Flame - Send vulnerabilities reports to SIEM☆15Jul 28, 2016Updated 9 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- Example scripts and rules for use in Resilient playbooks.☆35Dec 15, 2023Updated 2 years ago
- the fastest way to consume threat intelligence.☆30Mar 9, 2023Updated 3 years ago
- [DEPRECATED] SIP Swiss army knife☆19Oct 25, 2019Updated 6 years ago
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆18Nov 5, 2013Updated 12 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Apr 10, 2020Updated 5 years ago