• Stars: 16
• Rank 1,311,288 (Top 26 %)
• Created over 5 years ago
• Updated about 2 years ago

Repository Details

Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard Spider + Sandworm)

More Repositories

1. puppet-splunk
   Deploy Splunk instances on Windows and Linux in simple, distributed or (multisite) clustered topologies. Demoed by Splunk at .conf2017
   Language: Puppet, Stars: 21

2. TA-dmarc
   Add-on for ingesting DMARC aggregate reports into Splunk
   Language: Python, Stars: 15

3. TA-defender-atp-hunting
   Add-on to onboard telemetry data via Microsoft Defender ATP hunting API in Splunk (ES)
   Language: Python, Stars: 8

4. TA-ad-assets-identities
   Dump all users, groups and computers from an Active Directory domain into an asset and identities lookup usable by Splunk Enterprise Security.
   Language: Python, Stars: 7

5. TA-netflow-logstash
   CIM compliant TA to enable Netflow v5, v9 and IPFIX events in Splunk (Enterprise Security)
   Stars: 4

6. TA-bro-ids
   CIM compliant TA to enable Bro IDS events in Splunk
   Stars: 3

7. TA-oscap-oval
   TA for evaluating RHEL and SLES OVAL definitions for Splunk
   Language: XSLT, Stars: 2

8. TA-p0f
   TA-p0f (passive os fingerprinting tool) for Splunk
   Stars: 2

9. TA-vsftpd
   CIM compliant TA to enable vsftpd events in Splunk (Enterprise Security)
   Stars: 2

10. TA-mbsa
    Microsoft Baseline Security Analyzer add-on for Splunk
    Language: Batchfile, Stars: 2

11. TA-skybox
    Technical add-on for Splunk to query Skybox Security API
    Language: Python, Stars: 2

12. nessus2json
    Convert Nessus XML export to JSON for use in Tableau or Power BI
    Language: Python, Stars: 1

13. TA-mysql-audit
    MySQL audit add-on for Splunk
    Stars: 1

14. TA-suricata
    CIM compliant TA to enable Suricata events in Splunk (Enterprise Security)
    Stars: 1

15. TA-messagetracking-for-cisco-esa
    Convert cisco:esa:textmail logs into clean message tracking events with rich metadata for Splunk Enterprise Security
    Stars: 1

16. TA-windows-filtering-platform
    CIM compliant TA to enable Windows firewall events (5156)
    Stars: 1

17. TA-w32time
    TA-w32time for Splunk
    Stars: 1