kpolley / RELKLinks
RELK -- The Research Elastic Stack (Kafka, Beats, Zookeeper, Logstash, ElasticSearch, Kibana, Spark, & Jupyter -- All in Docker)
☆26Updated 5 years ago
Alternatives and similar repositories for RELK
Users that are interested in RELK are comparing it to the libraries listed below
Sorting:
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to captu…☆19Updated 5 years ago
- Very basic CLI SIEM (Security Information and Event Management system).☆41Updated 7 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 5 years ago
- CARET - A tool for viewing cyber analytic relationships☆55Updated 5 years ago
- pcapdj - dispatch pcap files☆46Updated 5 years ago
- ☆35Updated 4 years ago
- SIAC is an enterprise SIEM built on open-source technology.☆116Updated 6 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆88Updated 6 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆68Updated last year
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…☆41Updated 6 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 5 years ago
- the fastest way to consume threat intelligence.☆31Updated 2 years ago
- Build Automated Machine Images for MISP☆29Updated 2 years ago
- Python module to use the MISP Taxonomies☆29Updated 2 weeks ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated 3 weeks ago
- Home to the ActorTrackr source code☆24Updated 8 years ago
- Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes☆16Updated 3 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- ☆18Updated 7 years ago
- Using QRadar API☆20Updated 7 years ago
- Imports Alienvault OTX pulses to a MISP instance☆53Updated 4 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Python module to interface with the OpenDNS Investigate API☆63Updated 3 years ago
- ☆13Updated 3 years ago
- Tool for automatic list generation of known TOR and VPN exit nodes☆29Updated last year
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- Python script to automatically create sigma rules from The hive observables☆25Updated 6 years ago