kpolley / RELK
RELK -- The Research Elastic Stack (Kafka, Beats, Zookeeper, Logstash, ElasticSearch, Kibana, Spark, & Jupyter -- All in Docker)
☆26 · Updated 4 years ago
Related projects:
- (no description) ☆20 · Updated 4 years ago
- Apache Metron Workshop Lab materials and instructions. ☆35 · Updated 4 years ago
- A Zeek package that detects Zoom logins and meeting joins ☆11 · Updated 4 years ago
- User anomaly detector based on logs generated by the Osquery framework, using machine learning to process those logs. ☆33 · Updated 7 years ago
- Very basic CLI SIEM (Security Information and Event Management system). ☆34 · Updated 6 years ago
- Zeek support for Community ID flow hashing. ☆32 · Updated last year
- Add POST body excerpt to Bro's HTTP log ☆14 · Updated 4 months ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields ☆33 · Updated 3 weeks ago
- (no description) ☆23 · Updated 4 years ago
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec… ☆28 · Updated 6 years ago
- Integrate Zeek with AlienVault OTX ☆24 · Updated 4 years ago
- (no description) ☆27 · Updated 4 years ago
- Threat Intelligence with Elastic: MineMeld integration with Elasticsearch ☆19 · Updated 3 years ago
- The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap)… ☆40 · Updated 8 months ago
- (no description) ☆52 · Updated this week
- Utility for parsing Bro log files into CSV or JSON format ☆41 · Updated last year
- Kibana 6 Templates for Suricata IDPS Threat Hunting ☆25 · Updated 5 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration ☆46 · Updated 5 years ago
- Porting Suricata to Bro signatures ☆6 · Updated 5 years ago
- This package allows the use of a custom ElastAlert Alert which creates alerts with observables in TheHive using TheHive4Py. ☆27 · Updated 3 years ago
- (no description) ☆12 · Updated this week
- brostash: Linux distribution based on Debian and focusing on network security events collection ☆34 · Updated 4 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack ☆15 · Updated 3 years ago
- Python script to automatically create Sigma rules from TheHive observables ☆23 · Updated 5 years ago
- Specifications used in the MISP project including MISP core format ☆45 · Updated 2 months ago
- dataShark is a Security & Network Event Analytics Framework built on Apache Spark ☆46 · Updated 7 years ago
- (no description) ☆15 · Updated 7 years ago
- Scripts to inject demo data and network traffic into an existing AlienVault/OSSIM installation ☆22 · Updated 7 years ago
- alertflex controller ☆10 · Updated 8 months ago
- Bro on Debian with Elasticsearch support ☆24 · Updated 7 years ago