splunk
Here are 449 public repositories matching this topic...
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
-
Updated
Oct 15, 2020 - Python
Semantic Logger is a feature-rich logging framework and replacement for existing Ruby & Rails loggers.
-
Updated
Oct 22, 2020 - Ruby
What would you like to be added:
Document experience we have seen with various log rotation size/frequency settings and how rotate_wait or refresh_interval may help.
Why is this needed:
To help users validate the upper limit of a single collector and review some deployment changes that can be made t
Timeline of Active Directory changes with replication metadata
-
Updated
Aug 13, 2020 - PowerShell
Don't Just Search OSINT. Sweep It.
-
Updated
Jun 24, 2019 - Python
-
Updated
Oct 13, 2020 - Scala
Test your code without writing mocks with ephemeral Docker containers
-
Updated
Oct 21, 2020 - Go
Splunk Security Content
-
Updated
Oct 23, 2020 - Python
Splunk code (SPL) useful for serious threat hunters.
-
Updated
Jul 1, 2020
Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber
-
Updated
Jun 2, 2016 - PowerShell
Scripts to pull DMARC reports from your mailbox (IMAP client) and convert them to a Splunk-friendly comma-separated key-value format
-
Updated
Mar 18, 2018 - Python
Development repository for Chef's Splunk cookbook
-
Updated
Oct 23, 2020 - Ruby
Mass static malware analysis tool
-
Updated
Jul 4, 2020 - YARA
Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber
-
Updated
May 25, 2016 - Python
Ansible framework providing a fast and simple way to spin up complex Splunk environments.
-
Updated
Oct 23, 2020 - HTML
Syntax highlighting for Splunk .conf files
-
Updated
Oct 20, 2020 - Vim script
Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
-
Updated
Oct 7, 2020 - Python
In many environments there is a cost to network traffic used. Allowing compression of the HTTP post to the HEC endpoint could greatly reduce these costs and transport time.
This repo will have all the data and codes I have used for my youtube channel
-
Updated
Oct 23, 2020 - JavaScript
Bi-weekly hunting queries
-
Updated
Oct 23, 2020
A scalable Prometheus remote storage adapter for Splunk.
-
Updated
May 13, 2020 - Go
A Search command to explore Elasticsearch data within Splunk.
-
Updated
Sep 14, 2018 - Python
Python logging handler for sending logs to Splunk Enterprise
-
Updated
Oct 9, 2020 - Python


The generic Windows audit log config lacks many event ids, e.g.