Alternatives and similar repositories for kafka-sigma-streams:

Users that are interested in kafka-sigma-streams are comparing it to the libraries listed below

• berthayes / cp-zeek
  Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, …
  ☆11Updated 3 years ago
• wlaforest / KSQLGeo
  Geospatial UDFs for KSQL
  ☆22Updated 3 years ago
• splunk / kafka-connect-splunk
  Kafka connector for Splunk
  ☆93Updated 6 months ago
• dstaulcu / SplunkTools
  A collection of scripts useful in management of Splunk deployment
  ☆20Updated 6 months ago
• splunk / TA-osquery
  A Splunk technology add-on for osquery
  ☆14Updated 3 years ago
• cerner / cerner_splunk
  Cerner's Splunk Cookbook
  ☆30Updated last year
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• PaloAltoNetworks / SafeNetworking
  Read only mirror. To contribute or submit issues, please go to the website link --->
  ☆13Updated last year
• bentleymi / ChatGPT-4-Splunk
  Splunk TA for sending completion requests to ChatGPT
  ☆25Updated 9 months ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• splunk / TA-misp_es
  MISP to Splunk Enterprise Security Theat Intelligence Framework Integration
  ☆12Updated last year
• humio / security_monitoring
  ☆41Updated last year
• Truvis / Splunk_TA_Truvis_Suricata5
  This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…
  ☆15Updated 4 years ago
• ChrisYounger / config_explorer
  Config viewer and file editor for Splunk. Based on VSCode.
  ☆29Updated 9 months ago
• Velocidex / evtx-data
  Publicly shareable windows event log message data
  ☆27Updated 5 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• LDO-CERT / mans_to_es
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆14Updated 2 years ago
• Nclose-ZA / elastalert_hive_alerter
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆27Updated 3 years ago
• rkovar / splunk-hunting-helpers
  ☆55Updated 2 years ago
• codingWithJimmy / SplunkForwarderRepairKit
  Scripted inputs designed to address common use-cases in forwarder misconfigurations in a Splunk deployment
  ☆35Updated 5 months ago
• ajackal / ir_scripts
  incident response scripts
  ☆19Updated 5 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 2 years ago
• zulu8 / Get-Baseline
  PowerShell Script for Agentless Incident Response
  ☆25Updated 6 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• MalwareSoup / sysmon2neo4j
  ☆15Updated 7 years ago
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆46Updated 6 years ago
• IBM / wincollect
  ☆58Updated last year
• kidcrash22 / Sysmon-Threat-Intel
  ☆12Updated 7 years ago