#

siem

Here are 168 public repositories matching this topic...

Graylog2 / graylog2-server

Open

Event Indices should not be offered when creating a new Stream

mpfz0r commented Jan 31, 2020

Read more

bug triaged good first issue

Open

Exception on server shutdown

1

Open

Discrepancy in display counts on Sources view

2

Find more good first issues

SigmaHQ / sigma

Open

Add further events to generic Windows audit config

thomaspatzke commented Oct 13, 2020

The generic Windows audit log config lacks many event ids, e.g.

registry events
driver load service addition events, System/7045 and Security/4697
likely others

Read more

enhancement good first issue

Open

Map EVTX samples to Sigma rules

2

Open

Add MITRE CAR taggig to rules

mozilla / MozDef

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

python security elasticsearch elk abandoned unmaintained siem elk-stack

Updated Nov 2, 2021
Python

outflanknl / RedELK

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

security elasticsearch kibana logstash monitoring siem elastic red-teaming

Updated Dec 24, 2021
Python

elastdocker

sherifabdlnaby / elastdocker

🐳 Elastic Stack (ELK) on Docker, with preconfigured Security, Tools, and Monitoring. Enables Logs, Metrics, APM, Alerting, and SIEM features. Up with a Single Command.

docker elasticsearch kibana elasticstack logstash docker-compose elk siem observability elk-stack docker-compos-template

Updated Jan 1, 2022
Dockerfile

lennartkoopmann / nzyme

Sponsor

Nzyme is a free and open next-generation WiFi defense system. Go to www.nzyme.org for more information.

security graylog wifi infosec siem monitor-mode wids wifi-adapters wifi-ids management-frames

Updated Jan 7, 2022
Java

sentinel-attack

BlueTeamLabs / sentinel-attack

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

azure detection logging cybersecurity sysmon threat-hunting siem security-tools blue-team mitre-attack workbooks sysmon-config terraform-azure kql azure-sentinel

Updated Apr 27, 2021
HCL

nsacyber / Event-Forwarding-Guidance

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

windows event-log siem

Updated Nov 17, 2020
PowerShell

jaegeral / security-apis

A collective list of public APIs for use in security. Contributions welcome

security json json-api awesome-list siem

Updated Jun 14, 2021

vast

tenzir / vast

Sponsor

🔮 Visibility Across Space and Time – The network telemetry engine for data-driven security investigations.

security network-forensics incident-response actor-model bitmap-index siem soc threathunting

Updated Jan 9, 2022
C++

defenxor / dsiem

Security event correlation engine for ELK stack

security elasticsearch logstash elk lookup siem ossim ossim-style-correlation

Updated Jan 6, 2022
Go

Meerkat

TonyPhipps / Meerkat

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Updated Mar 16, 2021
PowerShell

olafhartong / ATTACKdatamap

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

dfir threat-hunting siem mitre-attack threat-detection

Updated Nov 3, 2020
PowerShell

n0dec / MalwLess

Test Blue Team detections without running any attack.

powershell dfir sysmon siem hacktoberfest blueteam redteam mitre-attack

Updated Oct 11, 2021
C#

beave / sagan

** README ** This repo has MOVED to https://github.com/quadrantsec/sagan

security log syslog ids siem nsm ips log-monitoring

Updated Feb 9, 2021

strontic / xcyclopedia

Encyclopedia for Executables

command-line executable siem exe ssdeep soar lolbins

Updated Nov 9, 2021
PowerShell

TonyPhipps / SIEM

SIEM Tactics, Techiques, and Procedures

Updated Dec 28, 2021

GACWR / OpenUBA

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

Updated Jan 6, 2022
Python

NVISOsecurity / ee-outliers

Open

Implement Local Outlier Factor as trigger_method

daanraman commented Apr 3, 2019

https://en.wikipedia.org/wiki/Local_outlier_factor

Read more

good first issue to triage

Open

Create entropy metric which takes into account the length of the string

1

Open

allow support for min_value to match terms model

iknowjason / PurpleCloud

Hybrid + Identity Cyber Range

azure dfir siem pentest purpleteam azure-lab dfir-automation

Updated Jul 16, 2021
HTML

inodee / threathunting-spl

Splunk code (SPL) for serious threat hunters and detection engineers.

rules splunk threat-hunting siem spl use-case

Updated Sep 24, 2021

P4T12ICK / ypsilon

Automated Use Case Testing

security ansible splunk malware elk siem cuckoo use-case

Updated May 1, 2018
TeX

dogoncouch / LogESP

Open Source SIEM (Security Information and Event Management system).

security security-audit log-analysis log syslog web-application log-collector forensics secops siem log-management risk-assessment log-parser vulnerability-management risk-management security-tools log-monitoring security-analysis asset-management security-awareness

Updated Jun 14, 2021
Python

siembol

G-Research / siembol

An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced security analytics framework.

security cloud big-data siem metron

Updated Jan 4, 2022
Java

Cargill / OpenSIEM-Logstash-Parsing

SIEM Logstash parsing for more than hundred technologies

logstash parsing logs siem

Updated Jan 8, 2022
Python

CityBaseInc / SIAC

SIAC is an enterprise SIEM built on open-source technology.

aws security incident-response elk intrusion-detection pci-dss compliance siem osquery fim secdevops wazuh

Updated Oct 31, 2018

ashwin-patil / blue-teaming-with-kql

Repository with Sample KQL Query examples for Threat Hunting

security azure threat-hunting siem loganalytics blueteaming azure-data-explorer kql azure-sentinel

Updated Aug 6, 2021

Annsec / awesome-cybersecurity

Curated list of awesome cybersecurity companies and solutions.

security malware cybersecurity siem threatintel

Updated Apr 20, 2017

SecurityRiskAdvisors / TALR

Threat Alert Logic Repository

siem stix taxii sigma

Updated Feb 7, 2019
Shell

mdecrevoisier / EVTX-to-MITRE-Attack

Set of EVTX samples (>170) mapped to MITRE Att@k tactic and techniques to measure your SIEM coverage or developed new use cases.

threat-hunting siem redteam mitre-attack evtx

Updated Jan 6, 2022

Improve this page

Add a description, image, and links to the siem topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the siem topic, visit your repo's landing page and select "manage topics."