Top 23 Splunk Open-Source Projects
- pygraphistry: PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer
- gnomock: Test your code without writing mocks with ephemeral Docker containers 📦 Set up popular services with just a couple of lines of code ⏱️ No bash, no YAML, only code 💻
- Semantic Logger: Semantic Logger is a feature-rich logging framework and replacement for existing Ruby & Rails loggers.
- zentral: Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
- awesome-detection-engineering: Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
- EventLogging: Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
- ansible-role-for-splunk: Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)
- youtube: This repo will have all the data and code I have used for my YouTube channel (by siddharthajuprod07)
- Splunk-Apps: Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
- maple: Type-safe, consistently named and formatted, structured logging wrapper for SLF4J that's ideally suited for your logging aggregator. (by Randgalt)
- evtx2json: A tool to convert Windows evtx files (Windows Event Log Files) into JSON format and log to Splunk (optional) using HTTP Event Collector.
- splunk-enterprise: Guidance on deploying Splunk Enterprise on Azure with automated reference implementation
Sigma rules (https://github.com/SigmaHQ/sigma): its value, I get it. Here's a post (https://www.linkedin.com/posts/nasreddinebencherchali_detection-blueteam-sigma-activity-7104868070069817344-mn91?utm_source=share&utm_medium=member_desktop) detailing that 31 Sigma rules from the Sigma repository are triggering on different stages of the attack as described here: https://thedfirreport.com/2023/08/28/html-smuggling-leads-to-domain-wide-ransomware/
Extra fun: We find most enterprise/gov graph analytics work only requires 1-2 attributes to go along with the graph index, and those attributes often are already numeric (time, $, ...) or can be dictionary-encoded as discussed here (categorical, ID, ...)... so even 'tough' billion-scale graphs are fine on 1 GPU.
Early, but that's been the basic thinking behind our new GFQL system: slice into the columns you want, and then do all the in-GPU traversals you want. In our V1, we keep things dataframe-native, including the in-GPU data representation, and are already working on the first extensions to support switching to more graph-native indexing for steps as needed.
Ex: https://github.com/graphistry/pygraphistry/blob/master/demos...
There are a ton of valuable resources out there when searching for "detection engineering". Beyond that, check https://research.splunk.com/ to get an idea of a structured and contextual approach. Beyond that, check Rob van Os's Magma use case framework and any blog you can find on https://correlatedsecurity.com (Jurgen Visser). Last but not least, anything "awesome" on GitHub, e.g. https://github.com/fabacab/awesome-cybersecurity-blueteam
Project mention: Siglens: A columnar OLAP db that can execute queries 50x faster than ClickHouse | news.ycombinator.com | 2024-02-20
I found their claims exaggerated: https://github.com/siglens/siglens/issues/created_by/alexey-...
Project mention: Detection Engineering - Responsibilities / Career Growth / Compensation | /r/SecurityCareerAdvice | 2023-06-14
Apologies if unclear, I meant the path towards Detection Engineering! I've immersed myself into awesome-detection-engineering and find different perspectives/gems through newsletters such as 'Detection Engineering' by Zack Allen.
More information here: https://github.com/mthcht/ThreatHunting-Keywords
Splunk-related posts
- SIEM content development
- Splunk Enterprise Security dashboard that lets you prioritize and track your security automation efforts and sell your wins to management through quantitative metrics
- Azure data sources
- Okta Data in Splunk (Reports, Alerts and Dashboards)
- Prometheus integration with Splunk
- Splunk Enterprise Certified Admin Exam
- New Release: TA OpenAI ChatGPT
27 Apr 2024
Index
What are some of the best open-source Splunk projects? This list will help you:
Rank | Project | Stars
---|---|---
1 | sigma | 7,624
2 | pygraphistry | 2,055
3 | gnomock | 1,305
4 | security_content | 1,136
5 | threathunting | 1,102
6 | SigLens | 995
7 | Semantic Logger | 836
8 | zentral | 720
9 | awesome-detection-engineering | 551
10 | EventLogging | 447
11 | splunk-connect-for-kubernetes | 341
12 | ThreatHunting-Keywords | 337
13 | threathunting-spl | 255
14 | splunk-connect-for-syslog | 143
15 | ansible-role-for-splunk | 134
16 | youtube | 130
17 | Splunk-Apps | 98
18 | fanuc-driver | 66
19 | maple | 55
20 | SplunkDashboards | 49
21 | evtx2json | 48
22 | splunk_modinput_prometheus | 43
23 | splunk-enterprise | 26