zeflow/Sigma2SplunkAlert

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/zeflow/Sigma2SplunkAlert)

zeflow / Sigma2SplunkAlert

Converts Sigma detection rules to a Splunk alert configuration.

☆12

Alternatives and similar repositories for Sigma2SplunkAlert

Users that are interested in Sigma2SplunkAlert are comparing it to the libraries listed below

Sorting:

Sh3llyR / statiStrings
View on GitHub
YARA Rule Strings Statistics Calculator and Malware Research Helper
☆14Jul 24, 2021Updated 4 years ago
swisscom / splunk-addon-powershell
View on GitHub
Splunk Add-on for PowerShell provides field extraction for PowerShell event logs.
☆17Feb 1, 2021Updated 5 years ago
splunk / TA-misp_es
View on GitHub
MISP to Splunk Enterprise Security Theat Intelligence Framework Integration
☆14Jul 11, 2023Updated 2 years ago
remg427 / misp42splunk
View on GitHub
A Splunk app to use MISP in background
☆112Jan 8, 2026Updated 2 months ago
Dump-GUY / CAPA_JsonConver
View on GitHub
Converts exported results of CAPA tool from .json format to another formats supporting by different tools.
☆22Feb 15, 2022Updated 4 years ago
ruppde / yara_rules
View on GitHub
Yara rules
☆22Mar 27, 2023Updated 2 years ago
remg427 / TA-thehive
View on GitHub
Splunk TA for alert action to TheHive-project
☆11May 13, 2020Updated 5 years ago
nidem / forgedpillow
View on GitHub
A tool to modify timestamps in a packet capture to a user selected date
☆31Aug 11, 2021Updated 4 years ago
murchisd / splunk_pstree_app
View on GitHub
Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
☆24Mar 3, 2023Updated 3 years ago
cmdaltr / elrond
View on GitHub
Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
☆32Nov 23, 2025Updated 3 months ago
Neo23x0 / ti-falsepositives
View on GitHub
A collection of typical false positive indicators
☆56Dec 5, 2020Updated 5 years ago
fr0gger / MalwareMuncher
View on GitHub
Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
☆46Feb 24, 2023Updated 3 years ago
rbran / sleigh3rust
View on GitHub
A demontration of disassemblers generated by sleigh2rust
☆13Nov 25, 2024Updated last year
g-les / 100DaysofYARA
View on GitHub
100 Days of YARA to be updated with rules & ideas as the year progresses
☆60Jan 18, 2023Updated 3 years ago
defensivedepth / osquery-filters
View on GitHub
☆34Aug 8, 2023Updated 2 years ago
guilhemmarchand / trackme
View on GitHub
TrackMe - Data tracking system for Splunk admins
☆47Feb 3, 2023Updated 3 years ago
stvemillertime / Absolutely-Positively-NOT-Hacking-Back-with-Pcap
View on GitHub
Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…
☆22Jul 14, 2019Updated 6 years ago
fboldewin / YARA-rules
View on GitHub
Some YARA rules i will add from time to time
☆67Mar 25, 2023Updated 2 years ago
iAbdullahMughal / dscan
View on GitHub
D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit
☆29Jan 10, 2026Updated 2 months ago
cado-security / AWS_EKS_Cluster_Forensics
View on GitHub
AWS EKS Cluster Forensics
☆23Aug 16, 2021Updated 4 years ago
da667 / Autosnort3
View on GitHub
Make your swine run like it's Divine
☆10Mar 14, 2025Updated last year
infosec-intern / vscode-yara
View on GitHub
VSCode extension for the YARA pattern matching language
☆63Jan 10, 2024Updated 2 years ago
microsoft / MSTIC-Sysmon
View on GitHub
Anything Sysmon related from the MSTIC R&D team
☆156Jun 8, 2024Updated last year
3CORESec / SIEGMA
View on GitHub
SIEGMA - Transform Sigma rules into SIEM consumables
☆159Mar 10, 2025Updated last year
Neo23x0 / awesome-yara
View on GitHub
A curated list of awesome YARA rules, tools, and people.
☆33Oct 26, 2023Updated 2 years ago
SigmaHQ / pySigma-backend-elasticsearch
View on GitHub
pySigma Elasticsearch backend
☆65Updated this week
LogRhythm-Labs / VirusTotal
View on GitHub
VirusTotal SIEM Integration and Automation
☆18Jan 16, 2017Updated 9 years ago
lasersharkkiller / Threat-Hunter
View on GitHub
Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection…
☆18Sep 7, 2023Updated 2 years ago
criblio / criblvision
View on GitHub
Splunk App for Cribl Stream and Edge Observability
☆28Jul 15, 2025Updated 8 months ago
StrangeBeeCorp / thehive-templates
View on GitHub
☆28Nov 25, 2025Updated 3 months ago
wenbang24 / fyora
View on GitHub
intuitive declarative dotfile management
☆15Sep 21, 2025Updated 6 months ago
SigmaHQ / sigma-cli
View on GitHub
The Sigma command line interface based on pySigma
☆181Feb 5, 2026Updated last month
hairyhenderson / dockerhub_ratelimit_exporter
View on GitHub
A Prometheus-format exporter to report on DockerHub per-image rate limits
☆11Mar 6, 2026Updated 2 weeks ago
certsocietegenerale / fame_modules
View on GitHub
Community modules for FAME
☆65Dec 16, 2025Updated 3 months ago
smittix / kali-setup
View on GitHub
A quick bash script that I created in order to speed up the creation of usable kali boxes.
☆11Oct 29, 2021Updated 4 years ago
hasherezade / paramkit
View on GitHub
A small library helping to parse commandline parameters (for C/C++)
☆57May 25, 2025Updated 9 months ago
Escape-Technologies / API-Threat-Matrix
View on GitHub
A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.
☆44Sep 12, 2024Updated last year
Exporttool / exporttool
View on GitHub
This is a python script that can be run on each Splunk Indexer for the purpose of exporting historical bucket data (raw events + metadata…
☆12Jan 31, 2024Updated 2 years ago
SigmaHQ / pySigma-backend-splunk
View on GitHub
pySigma Splunk backend
☆41Updated this week