Alternatives and similar repositories for kafka-sigma-streams:

Users that are interested in kafka-sigma-streams are comparing it to the libraries listed below

• berthayes / cp-zeek
  Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, …
  ☆11Updated 3 years ago
• wlaforest / KSQLGeo
  Geospatial UDFs for KSQL
  ☆22Updated 3 years ago
• JohnnyMirza / confluent_splunk_demo
  Confluent s2s Demo
  ☆10Updated last year
• humio / security_monitoring
  ☆41Updated last year
• alexverboon / SentinelTIUploadToolkit
  Sentinel Threat Intelligence Upload Toolkit
  ☆13Updated 8 months ago
• inodee / spl-to-kql
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆40Updated 4 years ago
• j91321 / ansible-role-sysmon
  Ansible role for installing Sysmon with popular config files included.
  ☆24Updated 2 years ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• jokezone / Update-Sysmon
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆82Updated 2 years ago
• FalconForceTeam / KQLAnalyzer
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆32Updated 2 months ago
• olafhartong / Sentinel-template-parser
  Azure Sentinel Template parser
  ☆16Updated 4 years ago
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• Sophos-Community / XDR_Queries
  This hosts all queries created on the LD&R Forum
  ☆11Updated last month
• Truvis / Sentinel
  ☆27Updated 7 months ago
• IBM / wincollect
  ☆58Updated last year
• PaloAltoNetworks / SafeNetworking
  Read only mirror. To contribute or submit issues, please go to the website link --->
  ☆13Updated last year
• dstaulcu / SplunkTools
  A collection of scripts useful in management of Splunk deployment
  ☆20Updated 7 months ago
• LDO-CERT / mans_to_es
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆14Updated 2 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆20Updated 3 years ago
• counteractive / o365beat
  Elastic Beat for fetching and shipping Office 365 audit events
  ☆67Updated 4 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 3 months ago
• CiscoSecurity / fp-05-firepower-cef-connector-arcsight
  Cisco eStreamer client
  ☆24Updated 2 years ago
• rowham / WinSigmaRuleAnalyzer
  Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…
  ☆10Updated last year
• freeload101 / CrowdStrike_RTR_Powershell_Scripts
  ☆69Updated last year
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 2 years ago
• SigmaHQ / pySigma-backend-insightidr
  ☆14Updated 6 months ago
• KustoKing / Hunting-Queries-Detection-Rules
  KQL Detections for Microsoft Sentinel and Microsoft 365 Defender
  ☆18Updated 4 months ago
• pfpt-andrew / Rapid-Response-Reporting
  RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…
  ☆37Updated 2 years ago
• joeavanzato / ThreatSim
  Threat Simulator for Enterprise Networks
  ☆14Updated 2 years ago
• rba-community / TA-opnsense
  Splunk Add on for OPNsense firewall
  ☆1Updated 6 months ago