Top 16 Python Splunk Projects

• sigma

  41 7,598 9.8 Python

  Main Sigma Rule Repository

  

Project mention: Sigma rules in real life | /r/cybersecurity | 2023-10-14

Sigma rules https://github.com/SigmaHQ/sigma its value, I get it. Here’s a post https://www.linkedin.com/posts/nasreddinebencherchali_detection-blueteam-sigma-activity-7104868070069817344-mn91?utm_source=share&utm_medium=member_desktop detailing that 31 Sigma rules from the Sigma repository are triggering on different stages of the attack as described here https://thedfirreport.com/2023/08/28/html-smuggling-leads-to-domain-wide-ransomware/

• pygraphistry

  9 2,052 9.3 Python

  PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer

  

Project mention: Graph Data Fits in Memory | news.ycombinator.com | 2024-04-15

Extra fun: We find most enterprise/gov graph analytics work only requires 1-2 attributes to go along with the graph index, and those attributes often are already numeric (time, $, ...) or can be dictionary-encoded as discussed here (categorical, ID, ...)... so even 'tough' billion scale graphs are fine on 1 gpu.

Early, but that's been the basic thinking into our new GFQL system: slice into the columns you want, and then do all the in-GPU traversals you want. In our V1, we keep things dataframe-native include the in-GPU data representation, and are already working on the first extensions to support switching to more graph-native indexing for steps as needed.

Ex: https://github.com/graphistry/pygraphistry/blob/master/demos...

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• security_content

  20 1,132 9.9 Python

  Splunk Security Content

  

Project mention: SIEM content development | /r/SIEM | 2023-12-10

There's a ton of valuable resources out there when searching for "detection engineering", beyond that, check https://research.splunk.com/ to get an idea of a structured and contextual approach. Beyond that, check Rob van Os Magma use case framework and any blog you can find on https://correlatedsecurity.com (Jurgen Visser). Last but not least, anything "awesome" on github, e.g. https://github.com/fabacab/awesome-cybersecurity-blueteam

• threathunting

  3 1,102 1.7 Python

  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

• zentral

  1 720 9.5 Python

  Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

  

• splunk-connect-for-kubernetes

  5 341 4.2 Python

  Helm charts associated with kubernetes plug-ins

  

• splunk-connect-for-syslog

  2 142 9.1 Python

  Splunk Connect for Syslog

  

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• Splunk-Apps

  1 98 5.8 Python

  Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.

  

• evtx2json

  1 48 10.0 Python

  A tool to convert Windows evtx files (Windows Event Log Files) into JSON format and log to Splunk (optional) using HTTP Event Collector.

• ChatGPT-4-Splunk

  2 24 7.6 Python

  Splunk TA for sending completion requests to ChatGPT

• twitter-aws-comprehend

  1 16 0.0 Python

  An app to analyze tweets using Amazon Comprehend's Sentiment Analysis service

• splunk-spl

  1 16 0.0 Python

  SPL cheatsheet for Splunk.

• qasa

  2 3 1.6 Python

  Query your devices and systems for useful data (SNMP, HTTP etc), and send the results onwards... perhaps remote syslog server, OpenSearch, Splunk or even... It really doesn't care!

• remote-splunk-search

  1 1 0.0 Python

  Search over a remote Splunk server

• xm-labs-splunk-custom-messages

  1 0 0.0 Python

  Allows for a short and detailed message to be specified for each alert. Splunk tokens can be specified as part of the custom messages.

  

• TA-opnsense

  1 0 4.9 Python

  Splunk Add on for OPNsense firewall

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Python Splunk related posts

• Azure data sources
  1 project | /r/Splunk | 1 Jul 2023
• Okta Data in Splunk( Reports, Alerts and Dashboards)
  1 project | /r/Splunk | 22 Mar 2023
• New Release: TA OpenAI ChatGPT
  2 projects | /r/Splunk | 27 Jan 2023
• Crowdstrike FDR logs to Splunk vs Splunk UF collecting logs from windows member server
  1 project | /r/crowdstrike | 22 Dec 2022
• threat hunting DLL search order hijacking
  1 project | /r/crowdstrike | 13 Dec 2022
• frustrated with lack of “entry level” security roles
  1 project | /r/cybersecurity | 26 Oct 2022
• Learning splunk step by step
  1 project | /r/Splunk | 21 Oct 2022
• A note from our sponsor - InfluxDB
  www.influxdata.com | 19 Apr 2024

  Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Python projects with our weekly report!