michaelpeacock / kafka-sigma-streamsLinks
☆19Updated 3 years ago
Alternatives and similar repositories for kafka-sigma-streams
Users that are interested in kafka-sigma-streams are comparing it to the libraries listed below
Sorting:
- Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, …☆11Updated 3 years ago
- ☆42Updated 2 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆43Updated 4 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- Confluent s2s Demo☆10Updated 2 years ago
- Parses the FireEye HX .mans triage collections and sends them to ElasticSearch☆14Updated 2 years ago
- Elastic Beat for fetching and shipping Office 365 audit events☆67Updated 4 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…☆15Updated 4 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated 3 weeks ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆36Updated 5 months ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 4 years ago
- PowerShell - Endpoint Analysis Solution Your Windows Intranet Needs☆48Updated 7 months ago
- ☆15Updated 8 years ago
- Kerberos Haters Guide to Zeek Threat Hunting☆28Updated 3 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆93Updated 3 years ago
- A PowerShell incident response script for quick triage☆80Updated 2 years ago
- Scripted inputs designed to address common use-cases in forwarder misconfigurations in a Splunk deployment☆35Updated 10 months ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 4 years ago
- ☆15Updated 9 months ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- A Splunk technology add-on for osquery☆14Updated 4 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆54Updated 3 years ago
- Powershell Event Tracing Toolbox☆76Updated 3 years ago
- Convert Sigma rules to LogRhythm searches☆21Updated 3 years ago
- Splunk TA for sending completion requests to ChatGPT☆25Updated last year
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆91Updated 2 weeks ago
- A repository of Sysmon For Linux configuration modules☆15Updated 3 years ago