dstaulcu

TA-Sigma-Searches

A Splunk app with saved reports derived from Sigma rules

SplunkTools

A collection of scripts useful in management of Splunk deployment

SplunkKOHelper

Job aide to help transition splunk reports and dashboards to support splunk app for windows v5

NVD-Tools

Collection of scripts to interact with NVD content

PowerOps

Execute powershell scripts on endpoints in parallel and collate results.

ScrapeSplunkDocs

Powershell script to automate download, categorization, and compression of Splunk Enterprise documentation

Splunkbase

WinEventsToSplunkObjects

Explore windows event log providers and export selected event ids to CSV, Splunk inputs, or Splunk SPL

DiskIOMon

Identify sources of large file transfers when disk queue lengths are high

EventsToSpeech

Powershell script to monitor application crash or hang incidents and to audibly notify users via windows speech synthesizer.

splunkutils

powershell module for interacting with splunk resources via rest

ThreatHunting_v2

AllTools

All reasonably stable tools

aws

scripts to interact with various aws services

demo_tika

EtwExplorer

View ETW Provider manifest

MovePicturesToDateFolder

PUBG

shared_scripts

Splunk-IR-Tools

Splunk-Modal-Window

Code for HL blog posts: https://www.hurricanelabs.com/splunk-tutorials/splunk-custom-modal-view-creation-part-1-revealing-a-path-toward-enhanced-visibility-and-functionality -

splunk_help_menu

splunk_queries

Splunk_TA_Windows

Revision history for Splunk_TA_Windows

Splunkdocs

SplunkThreatFeeds

sysmon-modular

A repository of sysmon configuration modules

SysmonBetaTest

TA-AppCrashGather

Script-based Splunk input to extract, transform, and forward firefox crash reporting logs

ThreatHunting

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts