Alternatives and similar repositories for kafka-sigma-streams

Users that are interested in kafka-sigma-streams are comparing it to the libraries listed below

• berthayes / cp-zeek
  Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, …
  ☆11Updated 4 years ago
• humio / security_monitoring
  ☆42Updated 2 years ago
• counteractive / o365beat
  Elastic Beat for fetching and shipping Office 365 audit events
  ☆68Updated 5 years ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• LDO-CERT / mans_to_es
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆16Updated 2 years ago
• high101bro / PoSh-EasyWin
  PowerShell - Endpoint Analysis Solution Your Windows Intranet Needs
  ☆48Updated 11 months ago
• Nclose-ZA / elastalert_hive_alerter
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆27Updated 4 years ago
• jokezone / Update-Sysmon
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆83Updated 2 years ago
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Updated 3 years ago
• olafhartong / TA-Sysmon-deploy
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆30Updated 5 years ago
• agreenjay / sysmon
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Updated 5 years ago
• LetMeR00t / TA-thehive-cortex
  Technical add-on for Splunk related to TheHive/Cortex from TheHive project
  ☆53Updated 2 months ago
• ReconInfoSec / sigma-to-elastalert
  Ansible playbook to convert Sigma rules to ElastAlert rules
  ☆10Updated 4 years ago
• inodee / spl-to-kql
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆44Updated 5 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 3 years ago
• splunk / TA-osquery
  A Splunk technology add-on for osquery
  ☆14Updated 2 months ago
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆17Updated 5 years ago
• olafhartong / Sentinel-template-parser
  Azure Sentinel Template parser
  ☆16Updated 5 years ago
• mgreen27 / Invoke-LiveResponse
  Invoke-LiveResponse
  ☆149Updated 3 years ago
• nicpenning / Nessus-ES
  Ingest Nessus files into Elasticsearch using PowerShell!
  ☆21Updated last year
• j91321 / ansible-role-sysmon
  Ansible role for installing Sysmon with popular config files included.
  ☆24Updated 2 years ago
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆47Updated 7 years ago
• P4T12ICK / Sigma2SplunkAlert
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆114Updated 5 years ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 3 years ago
• mdecrevoisier / Splunk-input-windows-baseline
  Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…
  ☆93Updated 5 months ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆88Updated 4 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆79Updated 3 years ago
• socprime / SigmaUI
  SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
  ☆189Updated 4 years ago
• Velocidex / evtx-data
  Publicly shareable windows event log message data
  ☆27Updated 6 years ago
• frack113 / sigma_redcanaryco
  Knowing which rule should trigger according to the redcannary test
  ☆11Updated last year