nickmaccarthy / CEFly
CEF ( Common Event Format ) exporting app for Splunk written in python
☆15Updated 11 years ago
Alternatives and similar repositories for CEFly:
Users that are interested in CEFly are comparing it to the libraries listed below
- Scripts for Bro IDS and ELK Stack☆56Updated 9 years ago
- Scripts used to create ISO installers of ROCK for offline installation.☆10Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- Beholder is a shell script which installs and configures essentials to peer into your network activity.☆19Updated 7 years ago
- Python library for the ArcSight logger REST API☆27Updated 3 years ago
- ☆36Updated 8 years ago
- Queries to parse sysmon event log file with microsoft logparser☆56Updated 10 years ago
- Compare multiple log formats against malware reputation lists.☆88Updated 7 years ago
- Improvements of/over the original rule2alert☆56Updated 10 years ago
- Dashboards and loader for ROCK NSM dashboards☆48Updated 2 years ago
- Bro scripts for the ROCK platform. http://rocknsm.io☆33Updated last year
- Parse URLCrazy and dnstwist output and compare against previous runs to identify new typosquatted domains.☆51Updated 9 years ago
- Harbinger Threat Intelligence☆83Updated 9 years ago
- Bro Intel Feed Linter☆26Updated 5 years ago
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆18Updated 11 years ago
- Virustotal Lookup filter for Logstash☆16Updated 7 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- ☆71Updated 3 years ago
- ☆23Updated 5 years ago
- Docker container for MISP☆96Updated 6 years ago
- Network Forensics Bro scripts & pcap samples☆62Updated 11 years ago
- Threat Intelligence distribution☆30Updated 9 years ago
- brocon-15 scripts☆13Updated 8 years ago
- Sysmon Splunk App☆46Updated 6 years ago
- This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.☆47Updated 11 years ago
- MISP - Ansible installation script☆22Updated 6 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- ☆47Updated 9 years ago
- Python script to pull various IOCs from PDFs☆15Updated 10 years ago
- BTG's purpose is to make fast and efficient search on IOC☆70Updated 6 years ago