kpolley / RELK

Related projects: ⓘ

• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 4 years ago
• carolynduby / ApacheMetronWorkshop
  Apache Metron Workshop Lab materials and instructions.
  ☆35Updated 4 years ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆11Updated 4 years ago
• morrigan / user-behavior-anomaly-detector
  User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.
  ☆33Updated 7 years ago
• dogoncouch / siemstress
  Very basic CLI SIEM (Security Information and Event Management system).
  ☆34Updated 6 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆32Updated last year
• corelight / log-add-http-post-bodies
  Add POST body excerpt to Bro's HTTP log
  ☆14Updated 4 months ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33Updated 3 weeks ago
• ncsa / bro-doctor
  ☆23Updated 4 years ago
• pauloangelo / hogzilla
  Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec…
  ☆28Updated 6 years ago
• hosom / bro-otx
  Integrate Zeek with Alienvault OTX
  ☆24Updated 4 years ago
• mrebeschini / elastic-siem-workshop
  ☆27Updated 4 years ago
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 3 years ago
• DanielSchwartz1 / SplunkForPCAP
  The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap)…
  ☆40Updated 8 months ago
• counterflow-ai-archive / dragonfly-mle
  ☆52Updated this week
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated last year
• StamusNetworks / KTS6
  Kibana 6 Templates for Suricata IDPS Threat Hunting
  ☆25Updated 5 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 5 years ago
• adi928 / brocata
  Porting Suricata to Bro signatures
  ☆6Updated 5 years ago
• Nclose-ZA / elastalert_hive_alerter
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆27Updated 3 years ago
• trustar / trustar-python
  ☆12Updated this week
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 4 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• jordisk / TheHive2Sigma
  Python script to automatically create sigma rules from The hive observables
  ☆23Updated 5 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆45Updated 2 months ago
• makemytrip / dataShark
  dataShark is a Security & Network Event Analytics Framework built on Apache Spark
  ☆46Updated 7 years ago
• MalwareSoup / sysmon2neo4j
  ☆15Updated 7 years ago
• santiago-bassett / Alienvault-Demo_scripts
  Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
  ☆22Updated 7 years ago
• alertflex / cnode
  alertflex controller
  ☆10Updated 8 months ago
• danielguerra69 / bro-debian-elasticsearch
  bro on debian with elasticsearch support
  ☆24Updated 7 years ago