#

siem

Here are 145 public repositories matching this topic...

Graylog2 / graylog2-server

Star

Open

Event Indices should not be offered when creating a new Stream

mpfz0r commented Jan 31, 2020

Read more

bug good first issue triaged

Open

Exception on server shutdown

Open

Discrepancy in display counts on Sources view

2

Find more good first issues →

SigmaHQ / sigma

Star

Open

Add further events to generic Windows audit config

thomaspatzke commented Oct 13, 2020

The generic Windows audit log config lacks many event ids, e.g.

registry events
driver load service addition events, System/7045 and Security/4697
likely others

Read more

enhancement good first issue

Open

Map EVTX samples to Sigma rules

Open

Add MITRE CAR taggig to rules

mozilla / MozDef

Star

MozDef: Mozilla Enterprise Defense Platform

python security elasticsearch elk siem elk-stack

Updated Apr 30, 2021
Python

outflanknl / RedELK

Star

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

security elasticsearch kibana logstash monitoring siem elastic red-teaming

Updated May 9, 2021
Python

lennartkoopmann / nzyme

Star

Nzyme is a free and open next-generation WiFi defense system. Go to www.nzyme.org for more information.

security graylog wifi infosec siem monitor-mode wids wifi-adapters wifi-ids management-frames

Updated May 9, 2021
Java

sentinel-attack

BlueTeamLabs / sentinel-attack

Star

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

azure detection logging cybersecurity sysmon threat-hunting siem security-tools blue-team mitre-attack workbooks sysmon-config terraform-azure kql azure-sentinel

Updated Apr 27, 2021
HCL

nsacyber / Event-Forwarding-Guidance

Star

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

windows event-log siem

Updated Nov 17, 2020
PowerShell

jaegeral / security-apis

Star

A collective list of public JSON APIs for use in security. Contributions welcome

security json-api awesome-list siem

Updated Feb 1, 2021

Meerkat

TonyPhipps / Meerkat

Star

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Updated Mar 16, 2021
PowerShell

defenxor / dsiem

Star

Security event correlation engine for ELK stack

security elasticsearch logstash elk lookup siem ossim ossim-style-correlation

Updated May 8, 2021
Go

olafhartong / ATTACKdatamap

Star

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

dfir threat-hunting siem mitre-attack threat-detection

Updated Nov 3, 2020
PowerShell

vast

tenzir / vast

Sponsor Star

🔮 Visibility Across Space and Time – The network telemetry engine for data-driven security investigations.

security network-forensics incident-response actor-model bitmap-index siem soc threathunting

Updated May 9, 2021
C++

beave / sagan

Star

** README ** This repo has MOVED to https://github.com/quadrantsec/sagan

security log syslog ids siem nsm ips log-monitoring

Updated Feb 9, 2021

n0dec / MalwLess

Star

Test Blue Team detections without running any attack.

powershell dfir sysmon siem hacktoberfest blueteam redteam mitre-attack

Updated Oct 8, 2020
C#

NVISOsecurity / ee-outliers

Star

Open

Implement Local Outlier Factor as trigger_method

daanraman commented Apr 3, 2019

https://en.wikipedia.org/wiki/Local_outlier_factor

Read more

good first issue to triage

Open

Create entropy metric which takes into account the length of the string

1

Open

allow support for min_value to match terms model

TonyPhipps / SIEM

Star

SIEM Tactics, Techiques, and Procedures

Updated Apr 23, 2021

strontic / xcyclopedia

Star

Encyclopedia for Executables

command-line executable siem exe ssdeep soar lolbins

Updated Jan 16, 2021
PowerShell

iknowjason / PurpleCloud

Star

Hybrid + Identity Cyber Range

azure dfir siem pentest purpleteam azure-lab dfir-automation

Updated May 3, 2021
HTML

P4T12ICK / ypsilon

Star

Automated Use Case Testing

security ansible splunk malware elk siem cuckoo use-case

Updated May 1, 2018
TeX

GACWR / OpenUBA

Star

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

Updated Apr 23, 2021
Python

inodee / threathunting-spl

Star

Splunk code (SPL) for serious threat hunters and detection engineers.

rules splunk threat-hunting siem spl use-case

Updated May 4, 2021

dogoncouch / LogESP

Star

Open Source SIEM (Security Information and Event Management system).

security security-audit log-analysis log syslog web-application log-collector forensics secops siem log-management risk-assessment log-parser vulnerability-management risk-management security-tools log-monitoring security-analysis asset-management security-awareness

Updated Apr 21, 2021
Python

CityBaseInc / SIAC

Star

SIAC is an enterprise SIEM built on open-source technology.

aws security incident-response elk intrusion-detection pci-dss compliance siem osquery fim secdevops wazuh

Updated Oct 31, 2018

Annsec / awesome-cybersecurity

Star

Curated list of awesome cybersecurity companies and solutions.

security malware cybersecurity siem threatintel

Updated Apr 20, 2017

SecurityRiskAdvisors / TALR

Star

Threat Alert Logic Repository

siem stix taxii sigma

Updated Feb 7, 2019
Shell

Cargill / OpenSIEM-Logstash-Parsing

Star

SIEM Logstash parsing for more than hundred technologies

logstash parsing logs siem

Updated Apr 28, 2021
Python

russelltomkins / Project-Sauron

Star

Tools to create a Native Windows Audit Collection Platform. Active Directory example provided

subscription event siem domain-controller audit-event event-forwarding wec wef

Updated Nov 5, 2019
PowerShell

skalogs / SkaETL

Star

Open Source ETL designed for and dedicated to Log processing and transformation

java elasticsearch logstash kafka etl logs cmdb siem

Updated Apr 26, 2021
Java

ashwin-patil / blue-teaming-with-kql

Star

Repository with Sample KQL Query examples for Threat Hunting

security azure threat-hunting siem loganalytics blueteaming azure-data-explorer kql azure-sentinel

Updated Feb 19, 2021

sigmai

0xThiebaut / sigmai

Star

Import specific data sources into the Sigma generic and open signature format.

security monitoring logging ids signatures siem misp sigma

Updated Jun 9, 2020
Go

Improve this page

Add a description, image, and links to the siem topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the siem topic, visit your repo's landing page and select "manage topics."