kotlaluk / spl-parser
Parser for Splunk's Search Processing Language (SPL) syntax highlighting
☆19Updated 5 years ago
Alternatives and similar repositories for spl-parser:
Users that are interested in spl-parser are comparing it to the libraries listed below
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 4 years ago
- Firepit - STIX Columnar Storage☆16Updated 10 months ago
- This repository contains generated contextual data utilized by pyattck.☆19Updated last month
- ☆33Updated 3 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Convert Sigma Rules to different formats☆11Updated 7 months ago
- OSSEM Common Data Model☆55Updated 2 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 4 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆23Updated 2 years ago
- Specifications used in the MISP project including MISP core format☆51Updated 3 months ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆10Updated 10 months ago
- Strelka Web UI for File Submission and Analysis☆64Updated this week
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated 2 months ago
- CyCAT.org taxonomies☆14Updated 3 years ago
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.☆24Updated 8 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 5 months ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆16Updated 2 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆16Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Workflows for Shuffle☆21Updated 2 years ago
- Generic Signature Format for SIEM Systems☆14Updated 3 years ago
- Best practices in threat intelligence☆46Updated 2 years ago
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…☆14Updated last year
- The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository☆10Updated 3 years ago
- Simulates a compromise in a cloud and container environment☆32Updated 3 months ago
- Open source endpoint agent providing host information to Zeek. [v2]☆79Updated 5 months ago
- STIX 2.1 Data Modeling Tool☆26Updated 9 months ago
- ☆20Updated 4 years ago