Alternatives and similar repositories for elastalert

Users that are interested in elastalert are comparing it to the libraries listed below

• demisto / alfred
  A Slack bot to add security info to messages containing URLs, hashes and IPs
  ☆71Updated last year
• BechtelCIRT / beholder
  Beholder is a shell script which installs and configures essentials to peer into your network activity.
  ☆19Updated 8 years ago
• zeek / cheat-sheet
  The Bro/Zeek language cheat sheet
  ☆53Updated 12 years ago
• open-nsm / ContainNSM
  Dockerfiles for NSM tools
  ☆84Updated 8 years ago
• Tripwire / TARDIS
  Threat Analysis, Reconnaissance, and Data Intelligence System
  ☆128Updated 10 years ago
• sroberts / hubot-vtr-scripts
  Scripts for making Hubot a CND Sidekick
  ☆59Updated 9 years ago
• mixmodeai / bro_intel_linter
  Bro Intel Feed Linter
  ☆26Updated 6 years ago
• cudeso / host-enrich
  Enrich a host with open source security information
  ☆27Updated 10 years ago
• coolacid / logstash-filter-virustotal
  Virustotal Lookup filter for Logstash
  ☆16Updated 8 years ago
• vmware-archive / bit9platform
  Bit9 Platform
  ☆20Updated 8 years ago
• cvandeplas / ELK-forensics
  ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)
  ☆179Updated 6 years ago
• BinaryDefense / auto-ossec
  ☆142Updated last year
• jonschipp / ISLET
  Isolated, Scalable, & Lightweight Environment for Training
  ☆111Updated 6 years ago
• LeeBrotherston / snort
  Snort Rules
  ☆19Updated 9 years ago
• exp0se / bro-intel-generator
  Script for generating Bro intel files from pdf or html reports
  ☆77Updated 10 years ago
• kf0jvt / osq_simulator
  ☆15Updated 10 years ago
• dnsdb / dnsdb-query
  DNSDB query scripts
  ☆75Updated 6 years ago
• harvard-itsecurity / qradar-seculert-push
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆18Updated 12 years ago
• CrowdStrike / cs-bro
  Bro scripts written by CrowdStrike Services
  ☆148Updated 4 years ago
• vmware-archive / cbapi
  Carbon Black API Resources
  ☆93Updated 8 years ago
• sroberts / cacador
  Indicator Extractor
  ☆141Updated 7 years ago
• thugs-rumal / rumal
  Thug's Rumāl: a Thug's dress & weapon
  ☆37Updated 9 years ago
• Phillipmartin / gopassivedns
  PassiveDNS in Go
  ☆125Updated this week
• Masood-M / yalih
  YALIH (Yet Another Low Interaction Honeyclient) is a low Interaction Client honeypot designed to detect malicious websites through signat…
  ☆68Updated 6 years ago
• exp0se / harbinger
  Harbinger Threat Intelligence
  ☆83Updated 10 years ago
• Blueliv / logstash-input-blueliv
  Logstash Input plugin by Blueliv
  ☆27Updated 2 years ago
• sandialabs / scot
  Sandia Cyber Omni Tracker (SCOT)
  ☆253Updated last year
• salesforce / threatshell
  ☆64Updated 3 years ago
• TravisFSmith / MyBroElk
  Scripts for Bro IDS and ELK Stack
  ☆57Updated 10 years ago
• hadojae / redonion
  **BETA** A simple buildscript for network security monitoring on RHEL/CentOS
  ☆31Updated 8 years ago