sshahriyar / totalads
Total Anomaly Detection System for software logs and traces
☆9 · Updated 8 years ago
Related projects:
- Network timing evaluation used to detect beacons; works with Argus flow records as the source (☆18, updated 8 years ago)
- Mine patterns from logs (☆27, updated 7 years ago)
- User anomaly detector based on logs generated by the Osquery framework, using machine learning to process those logs (☆33, updated 7 years ago)
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec… (☆28, updated 6 years ago)
- Simple parser for Splunk Processing Language (SPL) written in Python (☆35, updated 6 years ago)
- Classifier to separate legitimate domains from those generated by a domain generation algorithm (DGA) (☆42, updated 7 years ago)
- Debian and Red Hat packaging for the SIE DNS sensor (☆14, updated last year)
- Logging plugin for Bro to send logs to a Kafka broker (☆20, updated 6 years ago)
- Vagrantfile and scripts for building a disposable OpenSOC cluster (☆29, updated 7 years ago)
- [ABANDONED] A Docker container running Suricata and the ELK stack (☆22, updated 8 years ago)
- Collection of data sources that can be used to provide context to security events (☆23, updated 9 years ago)
- An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive (☆43, updated 11 years ago)
- Getting Started with ELK (☆50, updated 8 years ago)
- Flow-Indexer indexes flows found in chunked log files from Bro, nfdump, syslog, or pcap files (☆44, updated 4 months ago)
- The Auditd Framework logs and applies security policy to Linux auditd data (☆15, updated 6 years ago)
- Apache Metron Workshop lab materials and instructions (☆35, updated 4 years ago)
- IPython notebook that illustrates the effectiveness of machine learning algorithms in anomaly detection of NetFlow data (inbound/outbound DDo… (☆78, updated 7 years ago)
- User interface for OpenSOC (☆100, updated 9 years ago)
- Time-Machine Dynamic Bulk Packet Recorder (☆35, updated 8 months ago)
- Download a demo version of Open Network Insight, which can be run standalone on a Windows laptop using Winpython https://sourceforge.net/… (☆9, updated 7 years ago)
- A Java library for handling TAXII messages and invoking TAXII services (☆19, updated 5 years ago)
- Add a POST body excerpt to Bro's HTTP log (☆14, updated 4 months ago)
- Full Packet Capture for the Masses (☆15, updated 6 years ago)
- Set of scripts to index PCAP files and retrieve packets (☆14, updated 9 years ago)
- Example configuration for the ELK stack with the Blueliv plugin (☆10, updated last year)