Alternatives and similar repositories for elastalert:

Users that are interested in elastalert are comparing it to the libraries listed below

• magoo / osquery-hids
  Launchd daemon that reports major OSX modifications through growl
  ☆16Updated 10 years ago
• ameihm0912 / geomodel
  IP geolocation for authentication events with MozDef
  ☆10Updated 5 years ago
• StamusNetworks / ansible-misp
  Ansible playbook to install Malware Information Sharing Platform (MISP)
  ☆17Updated 10 years ago
• slackhq / es-query-simple
  A tiny command line utility to query elasticsearch. "
  ☆23Updated 5 years ago
• eSentire / malfeed
  Feed for verious malicious IPs such as malware and botnets
  ☆12Updated 8 years ago
• ukncsc / mail-check
  ☆30Updated 6 years ago
• mozilla / minion-frontend
  Minion Frontend
  ☆30Updated 5 years ago
• Security-Onion-Solutions / securityonion-bro-scripts
  ☆24Updated 5 years ago
• mozilla / minion-backend
  INACTIVE - http://mzl.la/ghe-archive - Minion Backend
  ☆41Updated 5 years ago
• sroberts / responding-at-scale-with-osquery
  Using osquery for Mass Incident Detection & Response
  ☆19Updated 8 years ago
• magoo / Vault-for-Incident-Responders
  Things to know when DFIR occurs near a vault deployment.
  ☆43Updated 6 years ago
• dyurk / splogTASH
  SPL to lucene translator
  ☆15Updated 10 years ago
• cudeso / host-enrich
  Enrich a host with open source security information
  ☆27Updated 9 years ago
• xme / mime2vt
  Unpack MIME attachments from a file and check them against virustotal.com
  ☆45Updated 8 years ago
• harvard-itsecurity / qradar-seculert-push
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆18Updated 11 years ago
• blacktop / docker-yara
  Yara Dockerfile
  ☆50Updated 2 years ago
• kost / docker-cowrie
  A Docker container for Cowrie - SSH honeypot based on kippo
  ☆10Updated 9 years ago
• znb / Elastic-Elephant
  Fun with Amazon AWS and Maltego
  ☆29Updated 7 years ago
• cumulodev / yara
  Go bindings for yara: pattern matching swiss knife http://plusvic.github.io/yara/
  ☆10Updated 9 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 4 years ago
• sroberts / hubot-vtr-scripts
  Scripts for making Hubot a CND Sidekick
  ☆59Updated 8 years ago
• iserko / logstash-input-cloudflare
  Logstash Input Plugin for Cloudflare logs
  ☆14Updated 5 years ago
• SpiderLabs / ackack
  A program to monitor network traffic and detect unauthorized sessions.
  ☆41Updated 14 years ago
• SpiderLabs / batchyDNS
  A reconnaissance tool that can quickly discover hostnames from a list of IP addresses.
  ☆38Updated 14 years ago
• jgamblin / ipinfo-for-slack
  Custom slash command to do ipinfo.io lookups from within Slack
  ☆10Updated 8 years ago
• zeek / package-manager
  A package manager for Zeek
  ☆44Updated 2 months ago
• johestephan / ibmxforceex.checker.py
  Python based client for IBM XForce Exchange
  ☆25Updated 8 years ago
• viper-framework / viper-docker
  ☆22Updated 4 years ago
• yolothreat / utilitybelt
  A Python library for being a CND Batman....
  ☆35Updated 9 years ago
• mozilla / service-map
  Service mapping API
  ☆25Updated last year