#

splunk

Here are 612 public repositories matching this topic...

SigmaHQ / sigma

Open

Add further events to generic Windows audit config

thomaspatzke commented Oct 13, 2020

The generic Windows audit log config lacks many event ids, e.g.

registry events
driver load service addition events, System/7045 and Security/4697
likely others

Read more

enhancement good first issue

Open

Map EVTX samples to Sigma rules

2

Open

Add MITRE CAR taggig to rules

graphistry / pygraphistry

PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer

visualization python webgl csv analytics neo4j graph splunk gpu cuda pandas networkx dashboards notebooks graphistry tigergraph rapids cudf cugraph blazingsql

Updated Apr 16, 2022
Python

olafhartong / ThreatHunting

Sponsor

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

splunk dfir threat-hunting mitre-attack

Updated Nov 18, 2021

gnomock

orlangure / gnomock

Open

Request: More options for MySQL preset

2

zdunecki commented Jul 6, 2021

Hey,

I see awesome MySQL preset but at case in my company there are still missing some features. We need three things:

Run in root mode.
Don't choose database at start because we have multiple db's in single MySQL instance.
Mount Docker volumes. We use internal cache for seeds and it's saved in Docker volume.

Here's a quick sneak peek what I'm talking about in code:
https://g

Read more

enhancement help wanted good first issue

reidmorrison / semantic_logger

Semantic Logger is a feature rich logging framework, and replacement for existing Ruby & Rails loggers.

elasticsearch bugsnag splunk logging syslog rails-semantic-logger

Updated Mar 9, 2022
Ruby

security_content

splunk / security_content

Splunk Security Content

engineering splunk detection cybersecurity cicd responses detection-engineering

Updated Apr 15, 2022
Python

FalconForceTeam / FalconFriday

Bi-weekly hunting queries

splunk sentinel hunting blueteam purpleteam kql defender-atp

Updated Feb 11, 2022

ANSSI-FR / ADTimeline

Timeline of Active Directory changes with replication metadata

windows timeline splunk powershell active-directory forensics dfir

Updated Jan 14, 2022
PowerShell

splunk / splunk-connect-for-kubernetes

Helm charts associated with kubernetes plug-ins

kubernetes chart splunk helm helm-chart

Updated Apr 14, 2022
Python

ecstatic-nobel / OSweep

Don't Just Search OSINT. Sweep It.

python osint splunk cybersecurity certificate-transparency ransomware threat-hunting malware-analysis scanners cybercrime threat-analysis pivoting threat-intelligence urlscan-io threatcrowd urlhaus

Updated Jan 26, 2021
Python

cloudmarker / cloudmarker

Cloud security monitoring tool and framework

slack security elasticsearch security-audit cloud mongodb splunk azure email google-cloud-platform security-tools cloud-security cloud-security-audit

Updated Jun 1, 2021
Python

inodee / threathunting-spl

Splunk code (SPL) for serious threat hunters and detection engineers.

rules splunk threat-hunting siem spl use-case

Updated Sep 24, 2021

LinMingQiang / sparkstreaming

💥

🚀 封装sparkstreaming动态调节batch time(有数据就执行计算)；🚀 支持运行过程中增删topic；🚀 封装sparkstreaming 1.6 - kafka 010 用以支持 SSL。

kafka spark splunk kudu hbase flink sparkstreaming flink-kafka ssc-dstream spark-kafka spark-es spark-kudu spark-hbase kafka-spark kafka-util es-shade sparkstreaming-kafka rabbitmq-util hbase-util kafka-ssl

Updated Apr 15, 2021
Scala

P4T12ICK / ypsilon

Automated Use Case Testing

security ansible splunk malware elk siem cuckoo use-case

Updated May 1, 2018
TeX

packetiq / SplunkArchitect

splunk architect

Updated Feb 15, 2020
Ruby

nsacyber / Certificate-Authority-Situational-Awareness

Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber

windows certificate splunk certificates certificate-authority certificate-authorities

Updated Jun 2, 2016
PowerShell

siddharthajuprod07 / youtube

This repo will have all the data and codes I have used for my youtube channel

javascript python youtube splunk youtube-channel

Updated Jan 14, 2022
JavaScript

splunkenizer / Splunkenizer

Ansible framework providing a fast and simple way to spin up complex Splunk environments.

aws ansible vagrant virtualbox splunk ansible-playbooks splunk-enterprise splunk-environment

Updated Apr 10, 2022
Python

splunk / splunk-connect-for-syslog

Splunk Connect for Syslog

Updated Apr 15, 2022
Python

prbinu / dmarc-report-processor

Scripts to pull DMARC reports from your mailbox (imap client) and convert it to Splunk friendly comma-separated key-value format

python splunk imap gmail attachment dmarc xml-files imap-client dmarc-reports dmarc-convertor dmarc-parser

Updated Mar 18, 2018
Python

PaloAltoNetworks / Splunk-Apps

Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.

visualization analysis splunk firewall ngfw vm-series endpoint-protection featured palo-alto-networks globalprotect data-visibility pan-os prisma-access cortex-data-lake prisma-cloud-compute-edition prisma-saas cortex-xdr

Updated Mar 30, 2022
Python

splunk / ansible-role-for-splunk

Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)

git ansible automation splunk ansible-playbooks configuration-management anisble-role splunk-forwarder splunk-apps splunk-upgrade splunk-deployments splunk-admins ansible-role-for-splunk splunk-installations splunk-role splunk-universal-forwarders splunk-ansible

Updated Mar 28, 2022
Jinja

safernandez666 / Kong-API-Manager

Kong API Manager with Prometheus And Graylog

api docker security docker-compose splunk grafana prometheus kong siem security-tools konga

Updated Oct 8, 2021
Python

splunk / fluent-plugin-splunk-hec

Open

[Feature] Support gzip compression on POST

3

pallan commented Sep 5, 2018

In many environments there is a cost to network traffic used. Allowing compression of the HTTP post to the HEC endpoint could greatly reduce these costs and transport time.

Read more

enhancement help wanted good first issue

nheijmans / malzoo

Mass static malware analysis tool

python elasticsearch automation mongodb splunk wiki-page malware-analysis email-parsing

Updated Feb 13, 2022
Python

nsacyber / Splunk-Assessment-of-Mitigation-Implementations

Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber

windows auditing splunk scoring audit assessment compliance

Updated May 25, 2016
Python

pe3zx / crowdstrike-falcon-queries

A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon

splunk threat-hunting crowdstrike

Updated May 23, 2020

yorokobi / vim-splunk

Syntax highlighting for Splunk .conf files

syntax-highlighting splunk

Updated Nov 15, 2021
Vim script

sduff / awesome-splunk

A collection of awesome resources for Splunk

awesome splunk awesome-list splunk-resources

Updated Sep 11, 2020

mulesoft-catalyst / metrics-toolkit

The metrics toolkit (formerly metrics accelerator/framework) is a Mule application intended to collect, aggregate and load platform metrics into different visualization systems; providing out of the box integrations and visualization options, including useful dashboards and charts.

splunk metrics-framework metrics-accelerator platform-metrics metrics-toolkit

Updated Apr 7, 2022
DataWeave

Improve this page

Add a description, image, and links to the splunk topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the splunk topic, visit your repo's landing page and select "manage topics."