Alternatives and similar repositories for spl-parser

Users that are interested in spl-parser are comparing it to the libraries listed below

• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated last year
• salspaugh / splparser
  Simple parser for Splunk Processing Language (SPL) written in Python.
  ☆35Updated 7 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• marirs / sigma-convert
  Convert Sigma Rules to different formats
  ☆11Updated 10 months ago
• target / strelka-ui
  Strelka Web UI for File Submission and Analysis
  ☆69Updated last week
• OTRF / openhunt
  ☆34Updated 4 years ago
• grapl-security / grapl-analyzers
  Hosted analyzers built for Grapl
  ☆13Updated 2 years ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 5 years ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆55Updated 2 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last week
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆83Updated last week
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 5 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 5 months ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 5 years ago
• Prelude-SIEM / prelude-correlator
  The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository
  ☆10Updated 4 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆52Updated 2 years ago
• mitre-attack / attack-data-model
  ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, …
  ☆25Updated last week
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆134Updated 10 months ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 9 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 5 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆15Updated 4 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 4 years ago
• SigmaHQ / cookiecutter-pySigma-backend
  pySigma Cookiecutter backend template
  ☆25Updated 3 months ago
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆88Updated 6 years ago
• hire-vladimir / data_governance
  Data Governance app for Splunk
  ☆12Updated last year
• murchisd / splunk_pstree_app
  Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
  ☆23Updated 2 years ago