nextinstall / splunk-dashboards
A collection of Splunk dashboard templates.
☆13Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for splunk-dashboards
- A collection of scripts useful in management of Splunk deployment☆20Updated 2 months ago
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆41Updated last year
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆38Updated 4 years ago
- ☆70Updated 2 weeks ago
- ☆53Updated 3 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- ☆58Updated last year
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆66Updated last year
- Elastic Beat for fetching and shipping Office 365 audit events☆66Updated 4 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆36Updated 2 years ago
- ☆66Updated 8 months ago
- Convert Sigma rules to LogRhythm searches☆19Updated 2 years ago
- 2021 SANS DFIR Summit: Greppin' Logs☆21Updated 3 years ago
- Powering Up Incident Response with Power-Response☆62Updated 4 years ago
- SPL cheatsheet for Splunk.☆20Updated last year
- ☆26Updated 3 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 4 years ago
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆66Updated 4 years ago
- ☆40Updated last year
- This repository contains Splunk queries to hunt some anomalies☆38Updated 2 years ago
- Security-Focused O365 Management and Log Scripts☆60Updated 2 years ago
- Sysmon configuration file template with default high-quality event tracing☆20Updated 3 years ago
- A list of Splunk queries that I've collected and used over time.☆72Updated 4 years ago
- ☆13Updated 2 years ago
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Updated 5 years ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆51Updated last year
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- ☆48Updated 4 years ago