71 Open source projects that are alternatives of or similar to ansible-splunk-playbook

The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.

Generic Signature Format for SIEM Systems

Kong API Manager with Prometheus And Graylog

Threat Detection & Anomaly Detection rules for popular open-source components

Splunk HTTP Event Collector (HEC) Golang library

Splunk Connect for Syslog

Configurable Fanuc Focas data collector and post processor.

Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.

Sysmon Splunk App

CLI for Enterprise Application Access (EAA)

Security event correlation engine for ELK stack

A tool to convert Windows evtx files (Windows Event Log Files) into JSON format and log to Splunk (optional) using HTTP Event Collector.

Deploy Google Cloud log export to Splunk using Terraform

Deploy and maintain Symon through the Splunk Deployment Sever

Open Source data and event driven real time Monitoring and Analytics Platform

Automate creating resilient, disposable, secure and agile monitoring infrastructure for Blue Teams.

Semantic Logger is a feature rich logging framework, and replacement for existing Ruby & Rails loggers.

Python logging handler for sending logs to Splunk Enterprise

Logmira by Blumira has been created by Amanda Berlin as a helpful download of Microsoft Windows Domain Group Policy Object settings.

An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced security analytics framework.

🔮 Visibility Across Space and Time

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

SIEM Tactics, Techiques, and Procedures

Encyclopedia for Executables

A Splunk modular input for ingesting Prometheus metrics

Automated Use Case Testing

LogRhythm PowerShell Toolkit

Splunk code (SPL) useful for serious threat hunters.

Splunk Technology Add-On (TA) for collecting ETW events from Windows systems

Config viewer and file editor for Splunk. Based on VSCode.

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

A Lambda-powered Security Orchestration framework for AWS GuardDuty

Open Source SIEM (Security Information and Event Management system).

Pushes Sysmon Configs

SIAC is an enterprise SIEM built on open-source technology.

Ansible role to install auditbeat for security monitoring. (Ruleset included)

Vault plugin to securely manage Splunk admin accounts and password rotation

Splunk technical add-on (TA) for ingesting BigFix client, relay, and server logs. Includes REST inputs for ingesting assets, relevant fixlets, action summaries, and analysis results.

The source code of the book "Spring Microservices in Action (John Carnell)" and the personal summary of technical essentials about Spring Boot for microservices.

Various Splunk Scripts and applets, all in one place

Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)

Splunk distribution of Open Telemetry for browser environment.

** README ** This repo has MOVED to https://github.com/quadrantsec/sagan

Splunk Connect for Ethereum

Test Blue Team detections without running any attack.

Splunk Add on for OPNsense firewall

Open-source framework to detect outliers in Elasticsearch events

SIEM Logstash parsing for more than hundred technologies

Kafka Connect connector for receiving data and writing data to Splunk.

Curated list of awesome cybersecurity companies and solutions.

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

Demo for Elastic's Auditbeat and SIEM

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Type-safe, consistently named and formatted, structured logging wrapper for SLF4J that's ideally suited for your logging aggregator.

Add-on for ingesting DMARC aggregate reports into Splunk

Azure Sentinel intrusion detection rules, recent exploits and lolbas :)

An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk

Very basic CLI SIEM (Security Information and Event Management system).

An app to analyze tweets using Amazon Comprehend's Sentiment Analysis service

Microsoft Sentinel SOC Operations