Alternatives and similar repositories for kafka-sigma-streams

Users that are interested in kafka-sigma-streams are comparing it to the libraries listed below

• berthayes / cp-zeek
  Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, …
  ☆11Updated 3 years ago
• JohnnyMirza / confluent_splunk_demo
  Confluent s2s Demo
  ☆10Updated 2 years ago
• LDO-CERT / mans_to_es
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆14Updated 2 years ago
• bentleymi / ChatGPT-4-Splunk
  Splunk TA for sending completion requests to ChatGPT
  ☆25Updated last year
• splunk / TA-misp_es
  MISP to Splunk Enterprise Security Theat Intelligence Framework Integration
  ☆12Updated last year
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• humio / security_monitoring
  ☆41Updated 2 years ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• MattUebel / splunk_UF_hardening
  scripts to configure the Splunk Universal Forwarder in a locked down state
  ☆40Updated 6 years ago
• neu5ron / es_stk
  ☆13Updated 3 years ago
• ryanadler / downloadSplunk
  Downloading Splunk, made easy through scripts
  ☆19Updated 3 months ago
• olafhartong / TA-Sysmon-deploy
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆31Updated 4 years ago
• codingWithJimmy / SplunkForwarderRepairKit
  Scripted inputs designed to address common use-cases in forwarder misconfigurations in a Splunk deployment
  ☆35Updated 9 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year
• CiscoSecurity / fp-05-firepower-cef-connector-arcsight
  Cisco eStreamer client
  ☆24Updated 2 years ago
• guilhemmarchand / trackme
  TrackMe - Data tracking system for Splunk admins
  ☆50Updated 2 years ago
• ChrisYounger / config_explorer
  Config viewer and file editor for Splunk. Based on VSCode.
  ☆31Updated last year
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆47Updated 6 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆53Updated 2 years ago
• S3COPS / ArcSight-Sysmon-FlexConnector
  Microfocus ArcSight FlexConnector for Microsoft Sysmon tool
  ☆19Updated 4 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆21Updated 3 years ago
• Nclose-ZA / elastalert_hive_alerter
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆27Updated 4 years ago
• splunk / dashpub
  Generate next.js apps to publish Splunk dashboards
  ☆19Updated last year
• kidcrash22 / Sysmon-Threat-Intel
  ☆13Updated 7 years ago
• SigmaHQ / cookiecutter-pySigma-backend
  pySigma Cookiecutter backend template
  ☆25Updated 2 months ago
• glassdfir / SysmonMapper
  Maps process creation logged by Sysmon uses Google Org Chart API
  ☆24Updated 9 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• PaloAltoNetworks / SafeNetworking
  Read only mirror. To contribute or submit issues, please go to the website link --->
  ☆13Updated last year
• tfrederick74656 / splunkbase-download
  Shell script to download apps from Splunkbase
  ☆23Updated 5 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆45Updated 3 years ago