ansible-role-auditbeat: Ansible role to install auditbeat for security monitoring. (Ruleset included)
Stars: ✭ 15 (-37.5%)
docker-elk-stack: The ELK stack Docker containerization (Elasticsearch, Logstash and Kibana)
Stars: ✭ 20 (-16.67%)
Log Pilot: Collect logs for Docker containers
Stars: ✭ 1,112 (+4533.33%)
elk-stack: ELK Stack (Elasticsearch, Logstash & Kibana)
Stars: ✭ 13 (-45.83%)
Beats Docker: Official Beats Docker images
Stars: ✭ 162 (+575%)
Malwless: Test Blue Team detections without running any attack.
Stars: ✭ 215 (+795.83%)
Xcyclopedia: Encyclopedia for Executables
Stars: ✭ 148 (+516.67%)
Elkstack: The config files and docker-compose.yml files of a Dockerized ELK Stack
Stars: ✭ 96 (+300%)
LogESP: Open Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+575%)
Elk: Build an ELK log analysis platform.
Stars: ✭ 688 (+2766.67%)
qradar: Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
Stars: ✭ 53 (+120.83%)
chef-filebeat: Chef Cookbook to Manage Elastic Filebeat https://supermarket.chef.io/cookbooks/filebeat
Stars: ✭ 31 (+29.17%)
elastic-stack: A complete documentation on how to install Elastic Stack on Ubuntu 16.04 Server ASAP 😎
Stars: ✭ 12 (-50%)
Sagan: ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
Stars: ✭ 236 (+883.33%)
Ee Outliers: Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (+616.67%)
SWELF: Simple Windows Event Log Forwarder (SWELF). An easy-to-use log forwarder and EVTX parser that simply works. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.
Stars: ✭ 23 (-4.17%)
Beat Exporter: Elastic beat-exporter for Prometheus
Stars: ✭ 139 (+479.17%)
Openuba: A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
Stars: ✭ 127 (+429.17%)
Redelk: Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
Stars: ✭ 1,692 (+6950%)
Beats: 🐠 Beats - Lightweight shippers for Elasticsearch & Logstash
Stars: ✭ 10,522 (+43741.67%)
Zircolite: A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
Stars: ✭ 443 (+1745.83%)
Ansible Elk Playbook: A playbook for setting up the ELK Stack + beats log shippers on Ubuntu 16.04 and above
Stars: ✭ 83 (+245.83%)
aushape: A library and a tool for converting audit logs to XML and JSON
Stars: ✭ 37 (+54.17%)
Siac: SIAC is an enterprise SIEM built on open-source technology.
Stars: ✭ 100 (+316.67%)
K8s: Important production-grade Kubernetes Ops Services
Stars: ✭ 253 (+954.17%)
Blue-Baron: Automate creating resilient, disposable, secure and agile monitoring infrastructure for Blue Teams.
Stars: ✭ 23 (-4.17%)
k8s-log: Container log collection suite.
Stars: ✭ 15 (-37.5%)
ecs-logging: ECS Logging - Common resources and issues for the language specific ECS loggers
Stars: ✭ 30 (+25%)
seahorse: ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)
Stars: ✭ 31 (+29.17%)
dissect-tester: Simple API/UI for testing filebeat dissect patterns against a collection of sample log lines.
Stars: ✭ 58 (+141.67%)
Dsiem: Security event correlation engine for ELK stack
Stars: ✭ 255 (+962.5%)
Docker Elastic: Deploy Elastic stack in a Docker Swarm cluster. Ship application logs and metrics using beats & GELF plugin to Elasticsearch
Stars: ✭ 202 (+741.67%)
Vast: 🔮 Visibility Across Space and Time
Stars: ✭ 227 (+845.83%)
MegaDev: Bro IDS + ELK Stack to detect and block data exfiltration
Stars: ✭ 46 (+91.67%)
Mozdef: DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
Stars: ✭ 2,164 (+8916.67%)
Dockerfile: Some personally made Dockerfiles
Stars: ✭ 2,021 (+8320.83%)
Siem: SIEM Tactics, Techniques, and Procedures
Stars: ✭ 157 (+554.17%)
S1EM: This project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (+1025%)
Ypsilon: Automated Use Case Testing
Stars: ✭ 135 (+462.5%)
Filebeat Kubernetes: Filebeat container, alternative to fluentd, used to ship Kubernetes cluster and pod logs
Stars: ✭ 147 (+512.5%)
Threathunting Spl: Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (+387.5%)
go-zero-looklook: 🔥 A best-practice project developed on the full technology stack of go-zero (go zero) microservices.
Stars: ✭ 2,691 (+11112.5%)
Elk Hole: Elasticsearch, Logstash and Kibana configuration for Pi-hole visualization
Stars: ✭ 136 (+466.67%)
MeetU: Application built on Elasticsearch and Spring Boot microservices (synchronous service)
Stars: ✭ 22 (-8.33%)
ELK-Hunting: Threat Hunting with ELK Workshop (InfoSecWorld 2017)
Stars: ✭ 58 (+141.67%)
LogiAM: A one-stop log collection platform built on log templates, with dynamic control of collection tasks and precise measurement of data quality.
Stars: ✭ 199 (+729.17%)