BulkStrike
BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines. (by Silv3rHorn)
cses2humio
CrowdStrike Falcon Event Stream to Humio (by Trifork-Security)
BulkStrike | cses2humio |
---|---|
1 | 3 |
37 | 6 |
- | - |
0.8 | 0.0 |
over 1 year ago | over 1 year ago |
Python | Python |
MIT License | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
BulkStrike
Posts with mentions or reviews of BulkStrike.
We have used some of these posts to build our list of alternatives
and similar projects.
cses2humio
Posts with mentions or reviews of cses2humio.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-02-22.
-
Best way to report on APIs and RTR History
What I've done is to use cses2humio (disclaimer, I'm the author) and ship Event Stream data to Humio. From there you can dashboard on "RemoteResponseSessionEndEvent" to show RTR commands for each session. It isn't necessarily perfectly pretty printed as-is. For me it doesn't matter though, as it's used for compliance purposes as-is. Likewise you can use the *APIClient events to show Create, Update and Delete of API clients.
-
2022-02-11 - Cool Query Friday - Time To Assign, Time To Resolve, and Time To Close
Therefore I just want to drop the info that I have created the package cses2humio that takes events from CrowdStrike Event Stream and ships them to Humio. Know that you can get a 16 GB daily ingest account with Humio Community Edition to try this out. Afterwards you can install the Humio Package (es-utils) I've created. This gives for now some content around searches, user functions and dashboards.
-
CrowdStrike Event Stream to Humio
Link to the project: https://github.com/Trifork-Security/cses2humio
What are some alternatives?
When comparing BulkStrike and cses2humio you can also consider the following projects:
psfalcon - PowerShell for CrowdStrike's OAuth2 APIs
es-utils - CrowdStrike Event Stream package for Humio
falconpy - The CrowdStrike Falcon SDK for Python
falcon-query-assets - Welcome to the Falcon Query Assets GitHub page.
caracara - Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK
ansible_collection_falcon - Install and configure CrowdStrike's Falcon sensor via Ansible.