Alternatives and similar repositories for kafka-sigma-streams

Users that are interested in kafka-sigma-streams are comparing it to the libraries listed below

• berthayes / cp-zeek
  Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, …
  ☆11Updated 3 years ago
• humio / security_monitoring
  ☆42Updated 2 years ago
• inodee / spl-to-kql
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆43Updated 4 years ago
• LDO-CERT / mans_to_es
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆14Updated 2 years ago
• mdecrevoisier / Splunk-input-windows-baseline
  Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…
  ☆92Updated last month
• counteractive / o365beat
  Elastic Beat for fetching and shipping Office 365 audit events
  ☆67Updated 4 years ago
• jokezone / Update-Sysmon
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆82Updated 2 years ago
• splunk / TA-osquery
  A Splunk technology add-on for osquery
  ☆14Updated 4 years ago
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆80Updated 3 years ago
• high101bro / PoSh-EasyWin
  PowerShell - Endpoint Analysis Solution Your Windows Intranet Needs
  ☆48Updated 8 months ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆54Updated 3 years ago
• olafhartong / TA-Sysmon-deploy
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆31Updated 5 years ago
• FalconForceTeam / KQLAnalyzer
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆37Updated 6 months ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆88Updated 4 years ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆83Updated last year
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆21Updated 3 years ago
• airbus-cert / ntTraceControl
  Powershell Event Tracing Toolbox
  ☆76Updated 3 years ago
• bentleymi / ChatGPT-4-Splunk
  Splunk TA for sending completion requests to ChatGPT
  ☆25Updated last year
• BrandonsProjects / WEFC
  Windows Event Forwarding/Collection - A simple way to get quick, comprehensive logging for a Windows environment.
  ☆16Updated 3 years ago
• Nclose-ZA / elastalert_hive_alerter
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆27Updated 4 years ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆98Updated 3 years ago
• OTRF / Set-AuditRule
  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  ☆94Updated 3 years ago
• nturley3 / zeek-kerberos-haters-guide
  Kerberos Haters Guide to Zeek Threat Hunting
  ☆30Updated 3 years ago
• SentineLabs / S1QL-Queries
  ☆64Updated 2 years ago
• olafhartong / Sentinel-template-parser
  Azure Sentinel Template parser
  ☆16Updated 4 years ago
• socprime / SigmaUI
  SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
  ☆189Updated 4 years ago
• mgreen27 / Invoke-LiveResponse
  Invoke-LiveResponse
  ☆149Updated 3 years ago
• matthewdunwoody / block-parser
  Parser for Windows PowerShell script block logs
  ☆99Updated last year