Alternatives and similar repositories for spl-parser:

Users that are interested in spl-parser are comparing it to the libraries listed below

• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆55Updated 2 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 4 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆129Updated 5 months ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 7 months ago
• target / strelka-ui
  Strelka Web UI for File Submission and Analysis
  ☆62Updated 5 months ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• salspaugh / splparser
  Simple parser for Splunk Processing Language (SPL) written in Python.
  ☆35Updated 6 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 months ago
• grapl-security / grapl-analyzers
  Hosted analyzers built for Grapl
  ☆13Updated 2 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆50Updated 2 years ago
• swimlane / pyattck-data
  This repository contains generated contextual data utilized by pyattck.
  ☆18Updated 6 months ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• murchisd / splunk_pstree_app
  Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
  ☆23Updated last year
• JohnLaTwC / Bluehat2018GraphWorkshop
  Bluehat 2018 Graphs for Security Workshop
  ☆42Updated 6 years ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆77Updated last year
• OTRF / openhunt
  ☆33Updated 3 years ago
• SigmaHQ / cookiecutter-pySigma-backend
  pySigma Cookiecutter backend template
  ☆21Updated 2 months ago
• mitre / stockpile
  A CALDERA plugin
  ☆74Updated 2 months ago
• Xyrodileas / misp-k8s
  Automated deployment of MISP and MISP-Dashboard via K8S and AWS
  ☆19Updated 5 years ago
• opencybersecurityalliance / documentation
  OCA-wide documentation shared by all sub-projects and repositories
  ☆33Updated 3 months ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• Benster900 / BlogProjects
  Various blog post projects.
  ☆10Updated 7 months ago
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• mitre / atomic
  A MITRE Caldera plugin
  ☆40Updated 2 months ago
• endgameinc / eql
  ☆218Updated last year
• sduff / mitre_attack_csv
  MITRE ATT&CK in CSV form
  ☆18Updated last year
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆97Updated 2 weeks ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆72Updated 3 months ago
• phantomcyber / phantom-apps
  Phantom Apps Repo
  ☆82Updated 3 years ago