49 Open source projects that are alternatives of or similar to sysmon-splunk-app

Deploy and maintain Symon through the Splunk Deployment Sever

Generic Signature Format for SIEM Systems

Splunk Add on for OPNsense firewall

Threat Detection & Anomaly Detection rules for popular open-source components

Type-safe, consistently named and formatted, structured logging wrapper for SLF4J that's ideally suited for your logging aggregator.

An app to analyze tweets using Amazon Comprehend's Sentiment Analysis service

The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.

Qt based replacement for gnome system monitor

Deploy Google Cloud log export to Splunk using Terraform

Splunk HTTP Event Collector (HEC) Golang library

Vault plugin to securely manage Splunk admin accounts and password rotation

Semantic Logger is a feature rich logging framework, and replacement for existing Ruby & Rails loggers.

Various Splunk Scripts and applets, all in one place

Splunk Connect for Ethereum

A Splunk modular input for ingesting Prometheus metrics

Pushes Sysmon Configs

Add-on for ingesting DMARC aggregate reports into Splunk

A tool to convert Windows evtx files (Windows Event Log Files) into JSON format and log to Splunk (optional) using HTTP Event Collector.

Splunk Technology Add-On (TA) for collecting ETW events from Windows systems

Splunk Connect for Syslog

Consolidation of various resources related to Microsoft Sysmon & sample data/log

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

Configurable Fanuc Focas data collector and post processor.

Splunk technical add-on (TA) for ingesting BigFix client, relay, and server logs. Includes REST inputs for ingesting assets, relevant fixlets, action summaries, and analysis results.

Python logging handler for sending logs to Splunk Enterprise

Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)

Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook

Splunk distribution of Open Telemetry for browser environment.

An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk

Kong API Manager with Prometheus And Graylog

Kafka Connect connector for receiving data and writing data to Splunk.

Config viewer and file editor for Splunk. Based on VSCode.

The source code of the book "Spring Microservices in Action (John Carnell)" and the personal summary of technical essentials about Spring Boot for microservices.

Automate the creation of a lab environment complete with security tooling and logging best practices

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

Test Blue Team detections without running any attack.

WindowsSpyBlocker 🛡️ is an application written in Go and delivered as a single executable to block spying and tracking on Windows systems.

Open Source EDR for Windows

Endpoint detection & Malware analysis software

Neutering Sysmon via driver unload

Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.

A repository of sysmon configuration modules

Utilities for Sysmon

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.

Investigate suspicious activity by visualizing Sysmon's event log

Sysmon configuration file template with default high-quality event tracing

incident response scripts