kotlaluk / spl-parserLinks
Parser for Splunk's Search Processing Language (SPL) syntax highlighting
☆19Updated 5 years ago
Alternatives and similar repositories for spl-parser
Users that are interested in spl-parser are comparing it to the libraries listed below
Sorting:
- Firepit - STIX Columnar Storage☆16Updated last year
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 5 years ago
- Convert Sigma Rules to different formats☆11Updated 9 months ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- OSSEM Common Data Model☆55Updated 2 years ago
- Kestrel Jupyter Notebook Kernel☆9Updated last year
- Threat Detection & Anomaly Detection rules for popular open-source components☆52Updated 2 years ago
- Simple parser for Splunk Processing Language (SPL) written in Python.☆35Updated 7 years ago
- CyCAT.org taxonomies☆15Updated 4 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆16Updated 2 years ago
- ☆34Updated 3 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆23Updated 2 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆16Updated 4 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 7 months ago
- ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, …☆23Updated last month
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆82Updated last year
- Specifications used in the MISP project including MISP core format☆51Updated 5 months ago
- Workflows for Shuffle☆23Updated 2 years ago
- Automatic detection engineering technical state compliance☆55Updated 11 months ago
- The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository☆10Updated 4 years ago
- Contains research.splunk.com site code☆11Updated last year
- Strelka Web UI for File Submission and Analysis☆69Updated 2 weeks ago
- ☆48Updated this week
- ☆28Updated 4 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 5 years ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- ☆15Updated 7 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago