kpolley / RELKLinks
RELK -- The Research Elastic Stack (Kafka, Beats, Zookeeper, Logstash, ElasticSearch, Kibana, Spark, & Jupyter -- All in Docker)
☆26Updated 5 years ago
Alternatives and similar repositories for RELK
Users that are interested in RELK are comparing it to the libraries listed below
Sorting:
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last week
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- A tool to convert MISP XML files (events and attributes) into graphs☆20Updated 8 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- ☆20Updated 5 years ago
- Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation☆21Updated 7 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- ☆23Updated 5 years ago
- Add POST body excerpt to Bro's HTTP log☆14Updated last year
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- Python tool build around GreyNoise's alpha/public API☆11Updated 6 years ago
- Imports Alienvault OTX pulses to a MISP instance☆53Updated 3 years ago
- ☆34Updated 4 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆19Updated 6 years ago
- An anomaly-based intrusion detection system.☆83Updated 2 years ago
- Real-time Packet Observation Tool☆39Updated last year
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- alertflex controller☆10Updated 3 months ago
- Files from my Storm Center Articles☆17Updated last year
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 4 years ago
- ☆33Updated 5 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Updated 5 years ago
- ☆15Updated 7 years ago
- BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to captu…☆20Updated 5 years ago
- ☆24Updated 9 years ago
- Apache Metron☆59Updated 4 years ago
- Bro Intel Feed Linter☆26Updated 5 years ago