nccgroup / Splunking-Crime

Related projects: ⓘ

• getkub / SplunkScriplets
  Various Splunk Scripts and applets, all in one place
  ☆31Updated last week
• anthonygtellez / splunk_deployment_automation
  ☆22Updated 2 years ago
• LukeMurphey / splunk-search-command-example
  An example of how to make a search command in Python within Splunk.
  ☆13Updated 4 years ago
• LukeMurphey / splunk-web-input
  A Splunk app for obtaining information from web apps
  ☆11Updated 3 years ago
• hire-vladimir / SA-cim_vladiator
  Data validator agains Splunk Common Information Model (CIM)
  ☆74Updated 5 months ago
• Bridgewater / appetite
  ☆33Updated this week
• splunk / cloud-datamodel-security-research
  ☆32Updated this week
• mhassan2 / datafabric_splunk
  ☆14Updated 6 years ago
• splunk / TA-osquery
  A Splunk technology add-on for osquery
  ☆14Updated 3 years ago
• nick-hills / splunkDeepfreeze
  Move frozen buckets to AWS S3 (and ultimately Glacier) for long term storage
  ☆12Updated 6 years ago
• splunk / splunk-add-on-jira-alerts
  Splunk custom alert action for Atlassian JIRA
  ☆18Updated 5 years ago
• dformoso / splunk-jupyter
  ☆15Updated this week
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆76Updated 3 years ago
• rkovar / splunk-hunting-helpers
  ☆55Updated 2 years ago
• seunomosowon / TA-mailclient
  This technology adapter add-on fetches emails for Splunk to index from mailboxes using either POP3 or IMAP, with or without SSL.
  ☆9Updated 3 years ago
• alertmanager / alert_manager
  Splunk Alert Manager with advanced reporting on alerts, workflows (modify assignee, status, severity) and auto-resolve features
  ☆81Updated 2 years ago
• splunk / splunk-mltk-container-docker
  Splunk App for Data Science and Deep Learning - container images repository
  ☆47Updated last month
• hire-vladimir / SA-IdentityAssetExtraction
  Allows to pull asset and identity data into Splunk app for Enterprise Security from LDAP and other sources
  ☆27Updated 6 years ago
• jay-johnson / spylunking
  Drill down into your python logs using JSON logs stored in Splunk - supports sending over TCP or the Splunk HEC REST API handlers (using …
  ☆12Updated last year
• target / huntlib
  A Python library to help with some common threat hunting data analysis operations
  ☆138Updated last year
• phantomcyber / phantom-apps
  Phantom Apps Repo
  ☆81Updated 2 years ago
• gjanders / Splunk
  Splunk (Other Splunk scripts which do not fit into the SplunkAdmins application)
  ☆37Updated 3 weeks ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 4 years ago
• Neo23x0 / evt2sigma
  Log Entry to Sigma Rule Converter
  ☆105Updated 2 years ago
• MattUebel / splunk_UF_hardening
  scripts to configure the Splunk Universal Forwarder in a locked down state
  ☆39Updated 5 years ago
• georgestarcher / Splunk-ESIntel-KVStore
  Splunk csv to KVStore ES Threat Intel
  ☆10Updated 8 years ago
• guilhemmarchand / trackme
  TrackMe - Data tracking system for Splunk admins
  ☆49Updated last year
• splunk / pytest-splunk-addon
  A Dynamic test tool for Splunk Technology Add-ons
  ☆57Updated this week
• splunk / rwi_executive_dashboard
  Splunk Remote Work Insights - Executive Dashboard
  ☆40Updated 4 years ago
• HurricaneLabs / splunksecrets
  splunksecrets is a tool for working with Splunk secrets offline
  ☆45Updated last year