kronik / devsecops2017
Monitoring attacks with elastick, kibana, grok, logstash and beats
☆20Updated 7 years ago
Related projects: ⓘ
- Lightweight and sexy Security Information and Event Managment system for OSSEC, Snort and other IDS/IPS☆107Updated 3 years ago
- Logstash Configuration for Linux Logs (Authentication, Apache, Mail)☆92Updated 4 years ago
- Kibana 4 Templates for Suricata IDPS☆33Updated 8 years ago
- Kibana 5 Templates for Suricata IDPS☆43Updated 6 years ago
- Live events map as a Kibana plugin☆73Updated 7 years ago
- Vulnerability scanner based on vulners.com audit API☆200Updated 6 years ago
- Splunk App for Linux Auditd☆58Updated 3 years ago
- Scripts and integrations for OSSEC☆39Updated 8 years ago
- bro on debian with elasticsearch support☆24Updated 7 years ago
- Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS☆183Updated 2 years ago
- Logstash configuration files for analyzing various types of logs☆25Updated 7 years ago
- harden system (linux, unix...)☆52Updated 2 months ago
- Kickstart profiles for CentOS 7 to help meet CIS benchmarks + shell script to audit☆53Updated 8 years ago
- ☆139Updated 3 months ago
- [DEPRECATED] Elastic Beats Input plugin for Graylog☆19Updated 5 years ago
- A search command for Splunk which will allow you to search Elastic Search and display the results in the Splunk GUI☆67Updated 7 years ago
- GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.☆195Updated last month
- Example configuration files for Logstash☆45Updated 4 years ago
- [DEPRECATED] Graylog Pipeline Message Processor Plugins☆21Updated 3 years ago
- SPL to lucene translator☆15Updated 9 years ago
- Docker container for MISP☆96Updated 6 years ago
- setup zeek, previously Bro IDS☆17Updated last month
- Dockerfiles for NSM tools☆84Updated 7 years ago
- Contains log parsers for Logstash for many systems and applications. Also contains many methods of augmenting logs.☆55Updated 6 years ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆51Updated 2 months ago
- Grabs the administrator and authentication logs from the Duo Security API and sends CEF-formatted syslog.☆28Updated 8 years ago
- CEF ( Common Event Format ) exporting app for Splunk written in python☆15Updated 10 years ago
- Store 802.11 frames in Elasticsearch. Visualize with Kibana☆56Updated 5 months ago
- The UCLA Information Security Office customized an integration of Logstash, Elasticsearch, and Kibana (the "ELK stack") to extract securi…☆22Updated 7 years ago
- Configurations of my logstash: logstash, filebeat, grok patterns: sshd, postfix, apache, sysdig, zimbra mailbox.log, zimbra zimbra.log, D…☆91Updated 4 years ago