There are 50 repositories under the splunk topic.
PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer
Splunk Security Content
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Semantic Logger is a feature rich logging framework, and replacement for existing Ruby & Rails loggers.
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
Timeline of Active Directory changes with replication metadata
Replace Splunk in your small company with this one weird trick!
Helm charts associated with kubernetes plug-ins
Awesome list of keywords and artifacts for Threat Hunting sessions
Don't Just Search OSINT. Sweep It.
Splunk code (SPL) for serious threat hunters and detection engineers.
Cloud security monitoring tool and framework
:boom: :rocket: Wraps Spark Streaming with dynamic batch-time adjustment (computation runs only when data arrives); :rocket: supports adding and removing topics at runtime; :rocket: wraps Spark Streaming 1.6 with Kafka 0.10 to support SSL.
A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon
Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)
This repo will have all the data and code I have used for my YouTube channel
A collection of awesome resources for Splunk
Ansible framework providing a fast and simple way to spin up complex Splunk environments.
Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber
Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
Scripts to pull DMARC reports from your mailbox (IMAP client) and convert them to a Splunk-friendly comma-separated key-value format
Kong API Manager with Prometheus And Graylog
The source code of the book "Spring Microservices in Action (John Carnell)" and the personal summary of technical essentials about Spring Boot for microservices.
This is the Fluentd output plugin for sending events to Splunk via HEC.
The metrics toolkit (formerly metrics accelerator/framework) is a Mule application intended to collect, aggregate and load platform metrics into different visualization systems; providing out of the box integrations and visualization options, including useful dashboards and charts.
Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber
Configurable Fanuc Focas data collector and post processor.