#Splunk
Showing 30 of 30 repositories tagged #splunk, ranked by stars
Open source observability platform for logs, metrics, traces, frontend monitoring, pipelines and LLM observability. A sophisticated, simple and highly performant alternative to Datadog, Splunk, and Elasticsearch with 140x lower storage costs and single binary deployment.
Main Sigma Rule Repository
PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer
100x Efficient Log Management than Splunk :rocket: Reduce your observability cost by 90%
Splunk Security Content
Test your code without writing mocks with ephemeral Docker containers ๐ฆ Setup popular services with just a couple lines of code โฑ๏ธ No bash, no yaml, only code ๐ป
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
Helm charts associated with kubernetes plug-ins
Don't Just Search OSINT. Sweep It.
A lightweight schema-on-read analytics in a single binary
Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)
I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump, IDS (Suricata), SIEM (Splunk, Chronicle), and Python automation.
Automated Use Case Testing
Ansible framework providing a fast and simple way to spin up complex Splunk environments.
Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.
Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
Serilog-inspired structured logging for Go with message templates, rich formatting, and native Seq support
Mass static malware analysis tool
Scripts to pull DMARC reports from your mailbox (imap client) and convert it to Splunk friendly comma-separated key-value format
Kong API Manager with Prometheus And Graylog
Universal Configuration Console (UCC) is a developer toolkit that simplifies creating Technology Add-ons. UCC provides a comprehensive solution for add-on development, including auto-generation of UI, Rest handlers, modular inputs, monitoring dashboards. See more: https://dev.splunk.com/enterprise/docs/devtools/universal-configuration-console/
Collection of scripts, files, and tips to create and maintain networks, hack, and more!
Splunk App for Data Science and Deep Learning - container images repository
Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook
Investigating attacks using Splunk Enterprise logs and creating SPL intrusion detection searches based on known attacker TTPs and anomaly behavior derived from statistical baselines
Ansible playbooks for configuring and managing Splunk Cloud deployments with the Admin Config Service (ACS) API
DetectPack Forge turns plain-English behaviors or sample logs into production-ready detection packs โ Sigma, KQL (Sentinel), SPL (Splunk) โ plus tests and a response playbook, mapped to MITRE ATT&CK, fully powered by Gen AI.
Certified SOC Analyst (CSA) Program - A comprehensive 6-month, hands-on Security Operations Center training curriculum. Developed by Aminu Idris, AMCPN | International Cybersecurity and Digital Forensics Academy (ICDFA)
A portfolio demonstrating advanced blue and red team skills, including: SSH MFA implementation, Volatility-based memory forensics to detect code injection, Splunk threat hunting (BOTS v3), Wireshark C2 analysis, and kernel exploitation walkthroughs (LinPEAS, VulnHub).