Alternatives and similar repositories for RELK:

Users that are interested in RELK are comparing it to the libraries listed below

• ncsa / bro-doctor
  ☆23Updated 4 years ago
• alertflex / cnode
  alertflex controller
  ☆10Updated last year
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• santiago-bassett / Alienvault-Demo_scripts
  Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
  ☆21Updated 7 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated 2 years ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 4 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 weeks ago
• hosom / bro-otx
  Integrate Zeek with Alienvault OTX
  ☆25Updated 4 years ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 4 years ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• lprat / logstash-plugins
  My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …
  ☆10Updated 5 years ago
• dogoncouch / siemstress
  Very basic CLI SIEM (Security Information and Event Management system).
  ☆36Updated 6 years ago
• kx499-zz / ostip
  ☆28Updated 7 years ago
• joesecurity / Joe-Sandbox-Bro
  JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox
  ☆44Updated 5 years ago
• carolynduby / ApacheMetronWorkshop
  Apache Metron Workshop Lab materials and instructions.
  ☆35Updated 5 years ago
• mixmodeai / bro_intel_linter
  Bro Intel Feed Linter
  ☆26Updated 5 years ago
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆84Updated 5 years ago
• paulpc / nyx
  Threat Intelligence distribution
  ☆30Updated 9 years ago
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 3 years ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 4 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• MISP / intelligence-icons
  intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…
  ☆39Updated 5 years ago
• neu5ron / es_stk
  ☆13Updated 2 years ago
• StamusNetworks / KTS6
  Kibana 6 Templates for Suricata IDPS Threat Hunting
  ☆24Updated 5 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• gcrahay / otx_misp
  Imports Alienvault OTX pulses to a MISP instance
  ☆52Updated 3 years ago
• giangm9 / CrawlerAndValidator
  ☆24Updated 8 years ago
• marcusbakker / GreyNoise
  Python tool build around GreyNoise's alpha/public API
  ☆10Updated 6 years ago
• Concinnity-Risks / LogisticalBudget
  This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…
  ☆35Updated 5 years ago