Alternatives and similar repositories for kafka-sigma-streams

Users that are interested in kafka-sigma-streams are comparing it to the libraries listed below

• berthayes / cp-zeek
  Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, …
  ☆11Updated 4 years ago
• humio / security_monitoring
  ☆43Updated 2 years ago
• jokezone / Update-Sysmon
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆83Updated 2 years ago
• counteractive / o365beat
  Elastic Beat for fetching and shipping Office 365 audit events
  ☆68Updated 5 years ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• nturley3 / zeek-kerberos-haters-guide
  Kerberos Haters Guide to Zeek Threat Hunting
  ☆34Updated 4 years ago
• j91321 / ansible-role-sysmon
  Ansible role for installing Sysmon with popular config files included.
  ☆24Updated 2 years ago
• Velocidex / evtx-data
  Publicly shareable windows event log message data
  ☆27Updated 6 years ago
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Updated 3 years ago
• frack113 / sigma_redcanaryco
  Knowing which rule should trigger according to the redcannary test
  ☆11Updated last year
• olafhartong / TA-Sysmon-deploy
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆31Updated 5 years ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆88Updated 4 years ago
• airbus-cert / ntTraceControl
  Powershell Event Tracing Toolbox
  ☆78Updated 3 years ago
• inodee / spl-to-kql
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆44Updated 5 years ago
• high101bro / PoSh-EasyWin
  PowerShell - Endpoint Analysis Solution Your Windows Intranet Needs
  ☆48Updated last year
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆22Updated 3 years ago
• mdecrevoisier / Splunk-input-windows-baseline
  Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…
  ☆93Updated 6 months ago
• FalconForceTeam / KQLAnalyzer
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆44Updated 3 months ago
• PaloAltoNetworks / SafeNetworking
  Read only mirror. To contribute or submit issues, please go to the website link --->
  ☆15Updated 2 years ago
• Starke427 / Windows-Security-Policy
  Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.
  ☆14Updated 5 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 3 years ago
• agreenjay / sysmon
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Updated 5 years ago
• MotiBa / AppLocker
  AppLocker hardening policies
  ☆26Updated 7 years ago
• Nclose-ZA / elastalert_hive_alerter
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆27Updated 4 years ago
• LDO-CERT / mans_to_es
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆16Updated 2 years ago
• Neo23x0 / sysmon-version-history
  An Inofficial Sysmon Version History (Change Log)
  ☆33Updated 5 years ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆85Updated last year
• SophosRapidResponse / OSQuery
  ☆88Updated 9 months ago
• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆45Updated 5 years ago
• Asymmetric-InfoSec / Power-Response
  Powering Up Incident Response with Power-Response
  ☆63Updated 5 years ago