sigma
Log event descriptor
A standardized format for describing log events to facilitate detection and analysis of security threats
Main Sigma Rule Repository
8k stars
345 watching
2k forks
Language: Python
last commit: 7 days ago
Linked from 7 awesome lists
Topics: elasticsearch, ids, logging, monitoring, security, siem, signatures, splunk, sysmon
Related projects:
| Repository | Description | Stars |
|---|---|---|
| wagga40/zircolite | A standalone tool for analyzing and detecting security-related events in various Linux logs using SIGMA rules | 680 |
| securityriskadvisors/talr | A repository for collecting and sharing SIEM rules in STIX format for automated translation to Sigma syntax | 89 |
| threathunters-io/laurel | Transforms Linux audit logs into standardized, human-readable format for security monitoring | 711 |
| dunnock/react-sigma | A lightweight React library for drawing network graphs on web pages | 261 |
| yamato-security/enablewindowslogsettings | Enables Windows event log settings to support a larger percentage of Sigma detection rules and retain logs for longer periods | 556 |
| muchdogesec/sigma2stix | Converts Sigma Rules into STIX 2.1 Objects | 3 |
| confluentinc/confluent-sigma | A tool for analyzing and visualizing log events using structured rules | 52 |
| nshalabi/sysmontools | Utilities for analyzing and visualizing Windows event logs from Sysmon, helping users track and monitor system activity | 1,488 |
| retracedhq/retraced | Provides a searchable, exportable record of read/write events | 358 |
| santiyounger/cobra | A customizable theme for Logseq note-taking software | 51 |
| karimhabush/cyberowl | Provides daily summaries of frequently reported security advisories from various sources | 248 |
| thiber-org/userline | Automates analysis of Windows Security Events to identify user logon relations | 240 |
| jpcertcc/sysmonsearch | Analyzes Sysmon event logs to detect suspicious activity and visualize process and network correlations | 417 |
| brexhq/substation | A toolkit for routing, normalizing, and enriching security event logs across the cloud | 329 |
| dogoncouch/logesp | A security-focused application built with Python Django to manage and analyze log data from various sources | 197 |