Pinned Repositories
Conn-Zeek-enrichment
Enrich Conn log with input file matches. Pretty much copied Justin's script :) and modified slightly
cve-2021-38647
https://github.com/corelight/CVE-2021-38647 without the bloat
DNS-Zeek-enrichment
Enrich DNS log with input file matches.
intel
Zeek intel
NameCacheInSuricata
Zeek script that enriched the suricata_corelight log with nameCache information
PrivateNetLocation
Enrich conn log with location information for your RFC1918 networks
SCOlogredux
Corelight custom log reduction
Splunkdashboards
suricata
My own suri rules
VLANLocation
Enrich conn log with VLAN description
abousteif's Repositories
abousteif/Conn-Zeek-enrichment
Enrich Conn log with input file matches. Pretty much copied Justin's script :) and modified slightly
abousteif/cve-2021-38647
https://github.com/corelight/CVE-2021-38647 without the bloat
abousteif/DNS-Zeek-enrichment
Enrich DNS log with input file matches.
abousteif/intel
Zeek intel
abousteif/NameCacheInSuricata
Zeek script that enriched the suricata_corelight log with nameCache information
abousteif/PrivateNetLocation
Enrich conn log with location information for your RFC1918 networks
abousteif/SCOlogredux
Corelight custom log reduction
abousteif/Splunkdashboards
abousteif/suricata
My own suri rules
abousteif/VLANLocation
Enrich conn log with VLAN description
abousteif/zeek-smb-clear-state
Reduce amount of tracked SMB state
abousteif/zeek-ssl-clear-state
Clear SSL state earlier to reduce memory usage