sophos / Sophos-Central-SIEM-IntegrationLinks
Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair formats.
☆137Updated 2 years ago
Alternatives and similar repositories for Sophos-Central-SIEM-Integration
Users that are interested in Sophos-Central-SIEM-Integration are comparing it to the libraries listed below
Sorting:
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic…☆225Updated 8 months ago
- PowerShell for CrowdStrike's OAuth2 APIs☆436Updated this week
- Main MineMeld documentation repo☆379Updated 8 years ago
- ☆44Updated this week
- LogRhythm PowerShell Toolkit☆51Updated last month
- SELinux Policy for Splunk☆57Updated 6 years ago
- Fortinet products logs to Elasticsearch☆98Updated this week
- The most feature complete PowerShell module available for the Rapid7 Nexpose/InsightVM APIv3☆62Updated last year
- Documentation of Cortex☆175Updated 2 years ago
- Contains Logstash related content including tons of Logstash configurations☆254Updated 4 years ago
- SIEM Logstash parsing for more than hundred technologies☆187Updated 2 weeks ago
- PerchLabs threat feed☆16Updated 4 years ago
- Documentation of TheHive☆400Updated 2 years ago
- Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor☆189Updated last week
- Splunk Connect for Syslog☆166Updated 2 weeks ago
- Useful scripts for those administering Wazuh☆86Updated 2 weeks ago
- Collect / retrieve Office365, AzureAD and DLP audit logs and output to PRTG, Azure Log Analytics Workspace, SQL, Graylog, Fluentd, and/or…☆113Updated last year
- Scripts that cover the basics of interacting with the AMP for Endpoints API☆17Updated 6 years ago
- Incident Response Hierarchy of Needs☆464Updated 2 years ago
- NIST CyberSecurity Framework management tool☆166Updated 3 years ago
- Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint sec…☆108Updated last year
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high…☆57Updated 3 weeks ago
- Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac…☆879Updated 4 years ago
- Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s …☆282Updated 2 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Elastic Beat for fetching and shipping Office 365 audit events☆68Updated 5 years ago
- The CrowdStrike Falcon SDK for Python☆436Updated 3 weeks ago
- ☆133Updated last year
- Python Library for interfacing into Tenable's platform APIs☆387Updated 2 weeks ago
- ☆28Updated 5 years ago