Alternatives and similar repositories for rulesets

Users that are interested in rulesets are comparing it to the libraries listed below

• simple-evcorr / sec
  Simple Event Correlator releases
  ☆183Updated 11 months ago
• Scribery / aushape
  A library and a tool for converting audit logs to XML and JSON
  ☆46Updated 7 years ago
• assimilation / assimilation-official
  This is the official main repository for the Assimilation project
  ☆51Updated last year
• terry-wen / Network-Visualization-Project
  Network visualizer tool built using Processing
  ☆24Updated 4 years ago
• balabit / syslog-ng-patterndb
  ☆55Updated 9 years ago
• gdestuynder / audisp-cef
  CEF plugin for audisp (Linux Audit)
  ☆23Updated 9 years ago
• gdestuynder / audisp-json
  ☆41Updated 4 years ago
• DCSO / balboa
  server for indexing and querying passive DNS observations
  ☆47Updated 2 months ago
• OpenSCAP / openscap-daemon
  Manages continuous scans of your infrastructure
  ☆107Updated 3 years ago
• zeek / time-machine
  Time-Machine Dynamic Bulk Packet Recorder
  ☆36Updated 5 months ago
• squash / sudosh2
  sudosh is an auditing shell filter and can be used as a login shell. Sudosh records all keystrokes and output and can play back the sessi…
  ☆87Updated last year
• DCSO / fever
  fast, extensible, versatile event router for Suricata's EVE-JSON format
  ☆56Updated last week
• hubblestack / hubble-salt
  Hubble is a modular, open-source security compliance framework built on top of SaltStack. The project provides on-demand profile-based au…
  ☆91Updated 7 years ago
• mcholste / elsa
  Enterprise Log Search and Archive
  ☆210Updated 6 years ago
• beave / sagan
  ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
  ☆229Updated 4 years ago
• danmia / pcapdaemon
  A daemon that subscribes to packet capture requests via pubsub and posts the data to a configurable destination
  ☆32Updated 7 years ago
• stevegrubb / audit-explorer
  This is an R shiny app that visualizes audit data using many tools all in one app.
  ☆36Updated 4 years ago
• farsightsec / nmsg
  network message encapsulation library
  ☆30Updated last week
• CESNET / ipfixcol
  IPFIXcol is an implementation of an IPFIX (RFC 7011) collector
  ☆65Updated 5 years ago
• RIPE-NCC / tracemon
  TraceMON is a web application for visualising network topology generated by traceroutes reaching one or more targets in a network
  ☆65Updated 2 years ago
• StamusNetworks / KTS5
  Kibana 5 Templates for Suricata IDPS
  ☆43Updated 7 years ago
• aaron868 / management
  My Ansible playbook for a CentOS 6 based infrastructure.
  ☆58Updated 11 years ago
• corelight / community-id-spec
  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
  ☆184Updated last year
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆88Updated 6 years ago
• nbs-system / mapster
  Live events map as a Kibana plugin
  ☆74Updated 8 years ago
• JustinAzoff / flow-indexer
  Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
  ☆44Updated last year
• SIDN / entrada
  Entrada - A tool for DNS big data analytics
  ☆50Updated last year
• DNS-OARC / dsc
  Moved to https://codeberg.org/DNS-OARC/dsc
  ☆110Updated last month
• DNS-OARC / drool
  Moved to https://codeberg.org/DNS-OARC/drool
  ☆82Updated last month
• kgaughan / uwhoisd
  A 'Universal WHOIS' proxy server - you query it, it gives back the correct details
  ☆42Updated 3 months ago