Alternatives and similar repositories for spl-parser:

Users that are interested in spl-parser are comparing it to the libraries listed below

• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 4 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 9 months ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 4 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 4 months ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆55Updated 2 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆51Updated 2 years ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆14Updated 3 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆34Updated 2 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• hire-vladimir / data_governance
  Data Governance app for Splunk
  ☆12Updated last year
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 4 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last month
• JohnLaTwC / Bluehat2018GraphWorkshop
  Bluehat 2018 Graphs for Security Workshop
  ☆42Updated 6 years ago
• splunk / security_content_docs
  Contains research.splunk.com site code
  ☆11Updated 10 months ago
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆65Updated 4 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆14Updated 4 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆130Updated 6 months ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• InQuest / microsoft-office-macro-clustering
  ☆19Updated last year
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• murchisd / splunk_pstree_app
  Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
  ☆23Updated 2 years ago
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• grapl-security / grapl-analyzers
  Hosted analyzers built for Grapl
  ☆13Updated 2 years ago
• abhinavbom / clara
  Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
  ☆31Updated 9 months ago
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 2 years ago
• target / strelka-ui
  Strelka Web UI for File Submission and Analysis
  ☆63Updated this week