quadrantsec / meer
Meer is a "spooler" for Suricata / Sagan.
☆29Updated last year
Alternatives and similar repositories for meer:
Users that are interested in meer are comparing it to the libraries listed below
- Community-based CybergON-powered Suricata rules☆12Updated 2 years ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 4 years ago
- automatic enumeration and maintenance of Suricata monitoring interfaces☆11Updated 5 years ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆51Updated 8 months ago
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated 10 months ago
- Plugin providing native AF_Packet support for Zeek.☆34Updated 11 months ago
- Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))☆32Updated 4 years ago
- suricata eve.json parser in Go☆14Updated 5 years ago
- Application and service identification rules for Suricata☆18Updated 2 years ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆33Updated 2 months ago
- Parse Suricata rules☆13Updated last year
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆31Updated 9 months ago
- Suricata RPMs for CentOS/RHEL and Fedora☆19Updated last week
- Go Client for Suricata (Interacting via Socket)☆12Updated 4 years ago
- Application and service identification rules for Suricata☆29Updated 2 years ago
- Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…☆165Updated last week
- OwlH Master API☆24Updated 10 months ago
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆77Updated 4 months ago
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆87Updated 10 months ago
- Suricata rule and intel index☆31Updated 3 months ago
- Kibana 6 Templates for Suricata IDPS Threat Hunting☆24Updated 6 years ago
- A repository for OSSEC rules and decoders☆54Updated last year
- ☆12Updated 4 years ago
- Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)☆23Updated last year
- Go implementation of the Community ID flow hashing standard☆20Updated last month
- CapAnalysis source code repository☆87Updated 6 years ago
- Mapping NSM rules to MITRE ATT&CK☆70Updated 4 years ago
- Zeek support for Community ID flow hashing.☆35Updated last year