splunk

ZincSearch (Classic). A lightweight alternative to elasticsearch that requires minimal resources, written in Go.

Main Rule Repository

PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer

Test your code without writing mocks with ephemeral Docker containers 📦 Setup popular services with just a couple lines of code ⏱️ No bash, no yaml, only code 💻

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

Splunk Security Content

Semantic Logger is a feature rich logging framework, and replacement for existing Ruby & Rails loggers.

Zentral provides a unified view for endpoint monitoring. Comprehensive features include Santa binary authorization and patch management orchestration on macOS, as well as detailed Qsquery fleet management - all paired with event based stream processing and direct support for a range of data store backends (Elastic, OpenSearch, SumoLogic, Splunk,…

Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.

Timeline of Active Directory changes with replication metadata

Helm charts associated with kubernetes plug-ins

A list of useful Detection Engineering-related resources.

Don't Just Search OSINT. Sweep It.

Splunk code (SPL) for serious threat hunters and detection engineers.

Cloud security monitoring tool and framework

💥 🚀 封装sparkstreaming动态调节batch time(有数据就执行计算)；🚀 支持运行过程中增删topic；🚀 封装sparkstreaming 1.6 - kafka 010 用以支持 SSL。

Automated Use Case Testing

This repo will have all the data and codes I have used for my youtube channel

Splunk Connect for Syslog

Ansible framework providing a fast and simple way to spin up complex Splunk environments.