TA-Sysmon-deploy - Deploy and maintain Sysmon through the Splunk Deployment Server
Stars: ✭ 31 (-26.19%)
Sigma - Generic Signature Format for SIEM Systems
Stars: ✭ 4,418 (+10419.05%)
TA-opnsense - Splunk Add-on for OPNsense firewall
Stars: ✭ 13 (-69.05%)
detection-rules - Threat Detection & Anomaly Detection rules for popular open-source components
Stars: ✭ 34 (-19.05%)
maple - Type-safe, consistently named and formatted, structured logging wrapper for SLF4J that's ideally suited for your logging aggregator.
Stars: ✭ 39 (-7.14%)
twitter-aws-comprehend - An app to analyze tweets using Amazon Comprehend's Sentiment Analysis service
Stars: ✭ 13 (-69.05%)
Splunk TA paloalto - The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.
Stars: ✭ 15 (-64.29%)
system-monitor - Qt-based replacement for the GNOME system monitor
Stars: ✭ 16 (-61.9%)
splunk-hec-go - Splunk HTTP Event Collector (HEC) Golang library
Stars: ✭ 19 (-54.76%)
vault-plugin-splunk - Vault plugin to securely manage Splunk admin accounts and password rotation
Stars: ✭ 23 (-45.24%)
semantic logger - Semantic Logger is a feature-rich logging framework and a replacement for existing Ruby & Rails loggers.
Stars: ✭ 730 (+1638.1%)
SplunkScriplets - Various Splunk scripts and applets, all in one place
Stars: ✭ 24 (-42.86%)
TA-dmarc - Add-on for ingesting DMARC aggregate reports into Splunk
Stars: ✭ 14 (-66.67%)
evtx2json - A tool to convert Windows evtx files (Windows Event Log files) into JSON format and, optionally, log them to Splunk using the HTTP Event Collector.
Stars: ✭ 38 (-9.52%)
TA ETW - Splunk Technology Add-On (TA) for collecting ETW events from Windows systems
Stars: ✭ 17 (-59.52%)
SysmonResources - Consolidation of various resources related to Microsoft Sysmon & sample data/logs
Stars: ✭ 64 (+52.38%)
SWELF - Simple Windows Event Log Forwarder (SWELF). An easy-to-use, simply-works log forwarder and EVTX parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.
Stars: ✭ 23 (-45.24%)
Zircolite - A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
Stars: ✭ 443 (+954.76%)
fanuc-driver - Configurable Fanuc Focas data collector and post-processor.
Stars: ✭ 38 (-9.52%)
TA-bigfix - Splunk technical add-on (TA) for ingesting BigFix client, relay, and server logs. Includes REST inputs for ingesting assets, relevant fixlets, action summaries, and analysis results.
Stars: ✭ 15 (-64.29%)
splunk handler - Python logging handler for sending logs to Splunk Enterprise
Stars: ✭ 44 (+4.76%)
ansible-role-for-splunk - Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/add-ons on Splunk deployments (VM/bare metal)
Stars: ✭ 75 (+78.57%)
ansible-splunk-playbook - Install a full Splunk Enterprise cluster or Universal Forwarder using an Ansible playbook
Stars: ✭ 34 (-19.05%)
splunk-otel-js-web - Splunk distribution of OpenTelemetry for browser environments.
Stars: ✭ 23 (-45.24%)
vagrant-ids - An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
Stars: ✭ 21 (-50%)
Kong-API-Manager - Kong API Manager with Prometheus and Graylog
Stars: ✭ 78 (+85.71%)
kafka-connect-splunk - Kafka Connect connector for receiving data and writing it to Splunk.
Stars: ✭ 25 (-40.48%)
config explorer - Config viewer and file editor for Splunk. Based on VSCode.
Stars: ✭ 20 (-52.38%)
spring-microservices-in-action - The source code of the book "Spring Microservices in Action" (John Carnell) and a personal summary of technical essentials about Spring Boot for microservices.
Stars: ✭ 54 (+28.57%)
Detectionlab - Automate the creation of a lab environment complete with security tooling and logging best practices
Stars: ✭ 3,237 (+7607.14%)
Threathunter Playbook - A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.
Stars: ✭ 2,879 (+6754.76%)
Malwless - Test Blue Team detections without running any attack.
Stars: ✭ 215 (+411.9%)
Windowsspyblocker - WindowsSpyBlocker 🛡️ is an application written in Go and delivered as a single executable to block spying and tracking on Windows systems.
Stars: ✭ 2,913 (+6835.71%)
Whids - Open Source EDR for Windows
Stars: ✭ 188 (+347.62%)
Attack monitor - Endpoint detection & malware analysis software
Stars: ✭ 186 (+342.86%)
Shhmon - Neutering Sysmon via driver unload
Stars: ✭ 166 (+295.24%)
Windows event logging - Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.
Stars: ✭ 128 (+204.76%)
Sysmon Modular - A repository of Sysmon configuration modules
Stars: ✭ 1,229 (+2826.19%)
Sentinel Attack - Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+1509.52%)
Sysmon Dfir - Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
Stars: ✭ 654 (+1457.14%)
Sysmonsearch - Investigate suspicious activity by visualizing Sysmon's event log
Stars: ✭ 302 (+619.05%)
Sysmon Config - Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+7726.19%)
ir scripts - Incident response scripts
Stars: ✭ 17 (-59.52%)