Alternatives and similar repositories for RELK

Users that are interested in RELK are comparing it to the libraries listed below

• HKcyberstark / Vuln_Mod
  Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer
  ☆19Updated 5 years ago
• adi928 / brocata
  Porting Suricata to Bro signatures
  ☆6Updated 5 years ago
• santiago-bassett / Alienvault-Demo_scripts
  Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
  ☆21Updated 7 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 7 years ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 5 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated 2 years ago
• MISP / misp-graph
  A tool to convert MISP XML files (events and attributes) into graphs
  ☆20Updated 8 years ago
• OTRF / openhunt
  ☆34Updated 3 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆26Updated 5 years ago
• TheHive-Project / TheHive-Resources
  A repository to share contributions related to TheHive Project
  ☆22Updated 3 years ago
• CIRCL / pcapdj
  pcapdj - dispatch pcap files
  ☆45Updated 4 years ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 4 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 5 years ago
• hosom / bro-otx
  Integrate Zeek with Alienvault OTX
  ☆25Updated 4 years ago
• ncsa / bro-doctor
  ☆23Updated 5 years ago
• shendo / netsink
  Network sinkhole for isolated malware analysis
  ☆40Updated 7 years ago
• egaus / malicious_url_analysis
  ☆18Updated 6 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last month
• gcrahay / otx_misp
  Imports Alienvault OTX pulses to a MISP instance
  ☆52Updated 3 years ago
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 4 years ago
• geekscrapy / docker-snort
  Snort + Pulledpork + Websnort in Docker!
  ☆21Updated 3 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• lprat / logstash-plugins
  My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …
  ☆10Updated 5 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 5 months ago
• dogoncouch / siemstress
  Very basic CLI SIEM (Security Information and Event Management system).
  ☆39Updated 7 years ago
• mrebeschini / elastic-siem-workshop
  ☆27Updated 5 years ago
• nccgroup / JA3_outlier
  Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes
  ☆16Updated 2 years ago