splunk

🚀 10x easier, 🚀 140x lower storage cost, 🚀 high performance, 🚀 petabyte scale - Elasticsearch/Splunk/Datadog alternative for 🚀 (logs, metrics, traces, RUM, Error tracking, Session replay).

Main Sigma Rule Repository

PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer

100x Efficient Log Management than Splunk 🚀 Reduce your observability cost by 90%

Splunk Security Content

Test your code without writing mocks with ephemeral Docker containers 📦 Setup popular services with just a couple lines of code ⏱️ No bash, no yaml, only code 💻

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.

Semantic Logger is a feature rich logging framework, and replacement for existing Ruby & Rails loggers.

Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

Awesome list of keywords and artifacts for Threat Hunting sessions

Timeline of Active Directory changes with replication metadata

Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.

Replace Splunk in your small company with this one weird trick!

Helm charts associated with kubernetes plug-ins

Don't Just Search OSINT. Sweep It.

Splunk code (SPL) for serious threat hunters and detection engineers.

Cloud security monitoring tool and framework

A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon

💥 🚀 封装sparkstreaming动态调节batch time(有数据就执行计算)；🚀 支持运行过程中增删topic；🚀 封装sparkstreaming 1.6 - kafka 010 用以支持 SSL。