Alternatives and similar repositories for spl-parser

Users that are interested in spl-parser are comparing it to the libraries listed below

• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated last year
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 5 years ago
• marirs / sigma-convert
  Convert Sigma Rules to different formats
  ☆11Updated 9 months ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 5 years ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆55Updated 2 years ago
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆52Updated 2 years ago
• salspaugh / splparser
  Simple parser for Splunk Processing Language (SPL) written in Python.
  ☆35Updated 7 years ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆15Updated 4 years ago
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 2 years ago
• OTRF / openhunt
  ☆34Updated 3 years ago
• murchisd / splunk_pstree_app
  Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
  ☆23Updated 2 years ago
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 7 months ago
• mitre-attack / attack-data-model
  ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, …
  ☆23Updated last month
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆82Updated last year
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 5 months ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 11 months ago
• Prelude-SIEM / prelude-correlator
  The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository
  ☆10Updated 4 years ago
• splunk / security_content_docs
  Contains research.splunk.com site code
  ☆11Updated last year
• target / strelka-ui
  Strelka Web UI for File Submission and Analysis
  ☆69Updated 2 weeks ago
• Security-Onion-Solutions / securityonion-image
  ☆48Updated this week
• JHUAPL / Low-Regret-Methodology
  ☆28Updated 4 years ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 5 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago