splunk

There are 50 repositories under splunk topic.

• SigmaHQ / sigma

  Main Sigma Rule Repository

  securitymonitoringsiemloggingsignatureselasticsearchsplunkidssysmon
  Language:Python 7620

• graphistry / pygraphistry

  PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer

  graphvisualizationgpugraphistrypythonrapidscugraphnetworkxneo4jtigergraphpandascsvwebglsplunkcudfjupyterigraphnetwork-analysisnetwork-visualizationgraph-visualization
  Language:Python 2054
• gnomock

  orlangure / gnomock

  Test your code without writing mocks with ephemeral Docker containers 📦 Setup popular services with just a couple lines of code ⏱️ No bash, no yaml, only code 💻

  cockroachdbdockerelasticsearchend-to-end-testinggogolanghacktoberfestintegration-testingkafkakubernetesmariadbmemcachedmongomysqlpostgresrabbitmqredissplunksql-servertesting
  Language:Go 1305
• security_content

  splunk / security_content

  Splunk Security Content

  splunkdetectionengineeringresponsescicdcybersecuritydetection-engineering
  Language:Python 1136

• olafhartong / ThreatHunting

  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

  splunkmitre-attackthreat-huntingdfir
  1102

• siglens / siglens

  100x Efficient Log Management than Splunk :rocket: Reduce your observability cost by 90%

  distributed-tracinggohacktoberfestlog-managementlog-searchlogginglogsmonitoringnewrelicobservabilityopensourceopentelemetrysplunk
  Language:Go 995

• reidmorrison / semantic_logger

  Semantic Logger is a feature rich logging framework, and replacement for existing Ruby & Rails loggers.

  bugsnagelasticsearchloggingrails-semantic-loggersplunksyslog
  Language:Ruby 836
• zentral

  zentralopensource / zentral

  Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

  macosinventoryelasticsearchendpoint-managementendpoint-securityeventsgitopsjamfmdmmunkiosquerysantasplunksumologicterraformunified-viewapple-mdm
  Language:Python 721

• infosecB / awesome-detection-engineering

  Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.

  detection-engineeringsplunkmitreawesome-listawesomecybersecuritythreat-detection
  550

• blackhillsinfosec / EventLogging

  Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.

  active-directoryelasticsearchpowershellsplunkthreat-huntingwindows-event-collectorwindows-event-logs
  Language:PowerShell 447

• ANSSI-FR / ADTimeline

  Timeline of Active Directory changes with replication metadata

  windowsforensicsdfiractive-directorypowershelltimelinesplunk
  Language:PowerShell 445

• Dicklesworthstone / automatic_log_collector_and_analyzer

  Replace Splunk in your small company with this one weird trick!

  ingestionlogloggingsplunk
  Language:Python 386

• splunk / splunk-connect-for-kubernetes

  Helm charts associated with kubernetes plug-ins

  kuberneteschartsplunkhelmhelm-chart
  Language:Python 341
• ThreatHunting-Keywords

  mthcht / ThreatHunting-Keywords

  Awesome list of keywords and artifacts for Threat Hunting sessions

  awesome-listblueteamdetection-engineeringendpoint-securityiocsoffensive-scriptsoffensive-securityredteamsiemsocsplunkthreat-huntingthreat-intelligencethreathuntingdfirincident-responseforensichacktoolssigma-ruleselk-stack
  Language:HTML 336

• ecstatic-nobel / OSweep

  Don't Just Search OSINT. Sweep It.

  osintsplunkcybersecuritypythonthreat-intelligencethreat-huntingthreat-analysismalware-analysispivotingcertificate-transparencycybercrimeransomwarescannersthreatcrowdurlhausurlscan-io
  Language:Python 300

• inodee / threathunting-spl

  Splunk code (SPL) for serious threat hunters and detection engineers.

  splunkthreat-huntinguse-casesiemrulesspl
  255

• cloudmarker / cloudmarker

  Cloud security monitoring tool and framework

  azuregoogle-cloud-platformelasticsearchmongodbsplunkemailslacksecuritysecurity-toolssecurity-auditcloudcloud-securitycloud-security-audit
  Language:Python 216

• LinMingQiang / sparkstreaming

  :boom: :rocket: 封装sparkstreaming动态调节batch time(有数据就执行计算)；:rocket: 支持运行过程中增删topic；:rocket: 封装sparkstreaming 1.6 - kafka 010 用以支持 SSL。

  sparkkafkassc-dstreamsparkstreamingspark-kafkaspark-esspark-kuduspark-hbasehbasekafka-sparkkafka-utilflink-kafkaes-shadeflinksplunkkudusparkstreaming-kafkarabbitmq-utilhbase-utilkafka-ssl
  Language:Scala 182

• pe3zx / crowdstrike-falcon-queries

  A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon

  crowdstrikesplunkthreat-hunting
  168

• P4T12ICK / ypsilon

  Automated Use Case Testing

  ansiblecuckooelkmalwaresecuritysiemsplunkuse-case
  Language:TeX 161

• splunk / splunk-connect-for-syslog

  Splunk Connect for Syslog

  splunksyslog
  Language:Python 143

• splunk / ansible-role-for-splunk

  Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)

  splunk-upgradesplunk-deploymentssplunk-adminssplunk-forwardersplunkansibleanisble-roleansible-role-for-splunksplunk-installationssplunk-rolesplunk-appsautomationconfiguration-managementansible-playbooksgitsplunk-universal-forwarderssplunk-ansible
  Language:Jinja 134

• siddharthajuprod07 / youtube

  This repo will have all the data and codes I have used for my youtube channel

  splunkyoutubeyoutube-channelpythonjavascript
  Language:JavaScript 133

• sduff / awesome-splunk

  A collection of awesome resources for Splunk

  awesomeawesome-listsplunksplunk-resources
  118

• splunk / splunk-platform-automator

  Ansible framework providing a fast and simple way to spin up complex Splunk environments.

  splunksplunk-enterprisevagrantvirtualboxansibleawsansible-playbookssplunk-environment
  Language:Python 115

• nsacyber / Certificate-Authority-Situational-Awareness

  Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber

  certificatecertificatescertificate-authoritiescertificate-authoritysplunkwindows
  Language:PowerShell 106

• PaloAltoNetworks / Splunk-Apps

  Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.

  palo-alto-networkssplunkfirewallendpoint-protectionanalysisdata-visibilityvisualizationngfwfeaturedpan-oscortex-data-lakeprisma-accessprisma-cloud-compute-editionprisma-saasvm-seriesglobalprotectcortex-xdr
  Language:Python 98

• prbinu / dmarc-report-processor

  Scripts to pull DMARC reports from your mailbox (imap client) and convert it to Splunk friendly comma-separated key-value format

  dmarcimap-clientattachmentsplunkdmarc-reportsdmarc-convertorgmailimapdmarc-parserpythonxml-files
  Language:Python 93

• nheijmans / malzoo

  Mass static malware analysis tool

  pythonwiki-pagesplunkmongodbelasticsearchmalware-analysisautomationemail-parsing
  Language:Python 91

• safernandez666 / Kong-API-Manager

  Kong API Manager with Prometheus And Graylog

  apidockerdocker-composegrafanakongkongaprometheussecuritysecurity-toolssiemsplunk
  Language:Python 88
• spring-microservices-in-action

  wuyichen24 / spring-microservices-in-action

  The source code of the book "Spring Microservices in Action (John Carnell)" and the personal summary of technical essentials about Spring Boot for microservices.

  spring-bootmicroservicesnetflix-eurekanetflix-zuulnetflix-hystrixnetflix-ribbonkafkaredisnetflixnetflix-osssplunk
  Language:Java 85

• splunk / fluent-plugin-splunk-hec

  This is the Fluentd output plugin for sending events to Splunk via HEC.

  fluentdpluginsplunkhec
  Language:Ruby 83

• mulesoft-catalyst / metrics-toolkit

  The metrics toolkit (formerly metrics accelerator/framework) is a Mule application intended to collect, aggregate and load platform metrics into different visualization systems; providing out of the box integrations and visualization options, including useful dashboards and charts.

  metrics-acceleratormetrics-frameworkmetrics-toolkitplatform-metricssplunk
  Language:DataWeave 81

• nsacyber / Splunk-Assessment-of-Mitigation-Implementations

  Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber

  windowssplunkcomplianceauditauditingscoringassessment
  Language:Python 72

• yorokobi / vim-splunk

  Syntax highlighting for Splunk .conf files

  splunksyntax-highlighting
  Language:Vim Script 72

• Ladder99 / fanuc-driver

  Configurable Fanuc Focas data collector and post processor.

  cncdriverfanucfocasiiotindustry-40influxdbmqttmtconnectsparkplugbsplunk
  Language:C# 66