Python Splunk

Open-source Python projects categorized as Splunk

Top 16 Python Splunk Projects

  • sigma

    Main Sigma Rule Repository

  • Project mention: Sigma rules in real life | /r/cybersecurity | 2023-10-14

    Sigma rules https://github.com/SigmaHQ/sigma its value, I get it. Here’s a post https://www.linkedin.com/posts/nasreddinebencherchali_detection-blueteam-sigma-activity-7104868070069817344-mn91?utm_source=share&utm_medium=member_desktop detailing that 31 Sigma rules from the Sigma repository are triggering on different stages of the attack as described here https://thedfirreport.com/2023/08/28/html-smuggling-leads-to-domain-wide-ransomware/

  • pygraphistry

    PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer

  • Project mention: Graph Data Fits in Memory | news.ycombinator.com | 2024-04-15

    Extra fun: We find most enterprise/gov graph analytics work only requires 1-2 attributes to go along with the graph index, and those attributes often are already numeric (time, $, ...) or can be dictionary-encoded as discussed here (categorical, ID, ...)... so even 'tough' billion scale graphs are fine on 1 gpu.

    Early, but that's been the basic thinking into our new GFQL system: slice into the columns you want, and then do all the in-GPU traversals you want. In our V1, we keep things dataframe-native, including the in-GPU data representation, and are already working on the first extensions to support switching to more graph-native indexing for steps as needed.

    Ex: https://github.com/graphistry/pygraphistry/blob/master/demos...

  • security_content

    Splunk Security Content

  • Project mention: SIEM content development | /r/SIEM | 2023-12-10

    There's a ton of valuable resources out there when searching for "detection engineering", beyond that, check https://research.splunk.com/ to get an idea of a structured and contextual approach. Beyond that, check Rob van Os Magma use case framework and any blog you can find on https://correlatedsecurity.com (Jurgen Visser). Last but not least, anything "awesome" on github, e.g. https://github.com/fabacab/awesome-cybersecurity-blueteam

  • threathunting

    A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

  • zentral

    Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

  • splunk-connect-for-kubernetes

    Helm charts associated with kubernetes plug-ins

  • splunk-connect-for-syslog

    Splunk Connect for Syslog

  • Splunk-Apps

    Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.

  • evtx2json

    A tool to convert Windows evtx files (Windows Event Log Files) into JSON format and log to Splunk (optional) using HTTP Event Collector.

  • ChatGPT-4-Splunk

    Splunk TA for sending completion requests to ChatGPT

  • splunk-spl

    SPL cheatsheet for Splunk.

  • twitter-aws-comprehend

    An app to analyze tweets using Amazon Comprehend's Sentiment Analysis service

  • qasa

    Query your devices and systems for useful data (SNMP, HTTP etc), and send the results onwards... perhaps remote syslog server, OpenSearch, Splunk or even... It really doesn't care!

  • TA-opnsense

    Splunk Add on for OPNsense firewall

  • xm-labs-splunk-custom-messages

    Allows for a short and detailed message to be specified for each alert. Splunk tokens can be specified as part of the custom messages.

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).


Python Splunk related posts

  • Azure data sources

    1 project | /r/Splunk | 1 Jul 2023
  • Okta Data in Splunk( Reports, Alerts and Dashboards)

    1 project | /r/Splunk | 22 Mar 2023
  • New Release: TA OpenAI ChatGPT

    2 projects | /r/Splunk | 27 Jan 2023
  • Crowdstrike FDR logs to Splunk vs Splunk UF collecting logs from windows member server

    1 project | /r/crowdstrike | 22 Dec 2022
  • threat hunting DLL search order hijacking

    1 project | /r/crowdstrike | 13 Dec 2022
  • frustrated with lack of “entry level” security roles

    1 project | /r/cybersecurity | 26 Oct 2022
  • Learning splunk step by step

    1 project | /r/Splunk | 21 Oct 2022

Index

What are some of the best open-source Splunk projects in Python? This list will help you:

Rank  Project                          Stars
1     sigma                            7,772
2     pygraphistry                     2,080
3     security_content                 1,162
4     threathunting                    1,113
5     zentral                            728
6     splunk-connect-for-kubernetes      341
7     splunk-connect-for-syslog          146
8     Splunk-Apps                        101
9     evtx2json                           48
10    ChatGPT-4-Splunk                    24
11    splunk-spl                          19
12    twitter-aws-comprehend              16
13    qasa                                 3
14    TA-opnsense                          1
15    remote-splunk-search                 1
16    xm-labs-splunk-custom-messages       0
