39 Open source projects that are alternatives of or similar to TA_ETW

Splunk Connect for Syslog

Deploy and maintain Symon through the Splunk Deployment Sever

Configurable Fanuc Focas data collector and post processor.

Splunk technical add-on (TA) for ingesting BigFix client, relay, and server logs. Includes REST inputs for ingesting assets, relevant fixlets, action summaries, and analysis results.

Generic Signature Format for SIEM Systems

Python logging handler for sending logs to Splunk Enterprise

Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)

Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook

Splunk distribution of Open Telemetry for browser environment.

An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk

Kong API Manager with Prometheus And Graylog

Kafka Connect connector for receiving data and writing data to Splunk.

Config viewer and file editor for Splunk. Based on VSCode.

The source code of the book "Spring Microservices in Action (John Carnell)" and the personal summary of technical essentials about Spring Boot for microservices.

Sysmon Splunk App

Splunk Add on for OPNsense firewall

Threat Detection & Anomaly Detection rules for popular open-source components

Type-safe, consistently named and formatted, structured logging wrapper for SLF4J that's ideally suited for your logging aggregator.

An app to analyze tweets using Amazon Comprehend's Sentiment Analysis service

The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.

Deploy Google Cloud log export to Splunk using Terraform

Splunk HTTP Event Collector (HEC) Golang library

Vault plugin to securely manage Splunk admin accounts and password rotation

Semantic Logger is a feature rich logging framework, and replacement for existing Ruby & Rails loggers.

Various Splunk Scripts and applets, all in one place

Splunk Connect for Ethereum

A Splunk modular input for ingesting Prometheus metrics

Add-on for ingesting DMARC aggregate reports into Splunk

A tool to convert Windows evtx files (Windows Event Log Files) into JSON format and log to Splunk (optional) using HTTP Event Collector.

C/C++ Performance Profiler

ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

Capture and parse CDP and LLDP packets on local or remote computers

Tool and library to convert ETW logs to JSON files

Logs key Windows process performance metrics. #nsacyber

Event Tracing For Windows (ETW) Resources

Trace ScriptBlock execution for powershell v2

Basically a KrabsETW rip-off written in Rust

ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

A Splunk Technology Add-on to forward filtered ETW events.