amirzargaran

SOC the Next-Gen Architect & Open-Source SIEM and related tools implementor and deployer

SOC 724

Pinned Repositories

alerting
📟 Get notified when your data meets certain conditions by setting up monitors, alerts, and notifications
Language:Kotlin00
AlertLogic_Waf4CEF
This is customized ArcSight Syslog Flex Connector file for normalizing the Web Application Firewall of Alert Logic Events and converting to CEF (Common Event Format) format.
00
arcsight-parsers
ArcSight parsers
00
ArcSight-TheHive-Alert
And now, for the first time, you can send alerts via action from ArcSight ESM Console to the TheHive when Correlation Rules are triggered.
Language:Python30
ArcSight-Zulip-Alert
In the ArcSight ESM, you can send the results of matched correlation rules as an ExecuteCommand type. One of the best messaging platforms is Zulip. This repository helps you to integrate ArcSight ESM and Zulip by ExecuteCommand alert action.
Language:Shell00
ArcSight_vs_Zabbix
this code is a .properties parser flex Connector file that can parse all zabbix activities to ArcSight Destination from SmartConnectors
11
CEFforWallix
This repository is a parser file for converting raw syslog events of Wallix PAM system to CEF(Common Event Format) format.
10
nginx_vs_ArcSight
Flex Connector Parser for Nginx Web Server
11
Sophos_Mail_Gateway_for_ArcSight_CEF
This is a Flex File Connector Parser for Sophos UTM Email Gateway
00
Sophos_UTM_for_CEF
This is a parser upon CEF syslog ArcSight Flex Connector for Sophos UTM devices. you can use this *.properties file in ArcSight Smart Connector as syslog listener connector for normalization and converting the raw syslog events sent from Sophos appliance to CEF format.
00

amirzargaran's Repositories

amirzargaran/ArcSight-TheHive-Alert
And now, for the first time, you can send alerts via action from ArcSight ESM Console to the TheHive when Correlation Rules are triggered.
Language:Python30
amirzargaran/ArcSight_vs_Zabbix
this code is a .properties parser flex Connector file that can parse all zabbix activities to ArcSight Destination from SmartConnectors
11
amirzargaran/CEFforWallix
This repository is a parser file for converting raw syslog events of Wallix PAM system to CEF(Common Event Format) format.
10
amirzargaran/nginx_vs_ArcSight
Flex Connector Parser for Nginx Web Server
11
amirzargaran/alerting
📟 Get notified when your data meets certain conditions by setting up monitors, alerts, and notifications
Language:Kotlin00
amirzargaran/AlertLogic_Waf4CEF
This is customized ArcSight Syslog Flex Connector file for normalizing the Web Application Firewall of Alert Logic Events and converting to CEF (Common Event Format) format.
00
amirzargaran/arcsight-parsers
ArcSight parsers
00
amirzargaran/ArcSight-Zulip-Alert
In the ArcSight ESM, you can send the results of matched correlation rules as an ExecuteCommand type. One of the best messaging platforms is Zulip. This repository helps you to integrate ArcSight ESM and Zulip by ExecuteCommand alert action.
Language:Shell00
amirzargaran/Sophos_Mail_Gateway_for_ArcSight_CEF
This is a Flex File Connector Parser for Sophos UTM Email Gateway
00
amirzargaran/Sophos_UTM_for_CEF
This is a parser upon CEF syslog ArcSight Flex Connector for Sophos UTM devices. you can use this *.properties file in ArcSight Smart Connector as syslog listener connector for normalization and converting the raw syslog events sent from Sophos appliance to CEF format.
00
amirzargaran/ArcSight_Vs_PaloAlto
This is A parser file in ArcSight Integration Flex Connector for PaloAlto Devices.
amirzargaran/ArcSight_Vs_Solarwinds
this code is a .properties file that can parse all db activities of Solarwinds Mssql Server to ArcSight Destination from SmartConnectors
1
amirzargaran/Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
amirzargaran/elastalert2
ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!
amirzargaran/IBMBigfix_Vs_ArcSight
1
amirzargaran/Ldap2CEF
This Parser is ArcSight Flex File Connector for OpenLdap V3 Sevice Logs
amirzargaran/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
amirzargaran/OpenSearch
🔎 Open source distributed and RESTful search engine.
amirzargaran/opensearch-build
🧰 OpenSearch / OpenSearch-Dashboards Build Systems
amirzargaran/OSSEC_Vs_ArcSight
this code is a .properties file that can parse all db activities of ossec mysql db to ArcSight Destination from SmartConnectors
2
amirzargaran/Splunkenizer
Ansible framework providing a fast and simple way to spin up complex Splunk environments.
amirzargaran/TA-thehive-cortex
Technical add-on for Splunk related to TheHive/Cortex from TheHive project
amirzargaran/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
amirzargaran/ThreatHunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
amirzargaran/ThreatIngestor
Extract and aggregate threat intelligence.

amirzargaran

Pinned Repositories

alerting

AlertLogic_Waf4CEF

arcsight-parsers

ArcSight-TheHive-Alert

ArcSight-Zulip-Alert

ArcSight_vs_Zabbix

CEFforWallix

nginx_vs_ArcSight

Sophos_Mail_Gateway_for_ArcSight_CEF

Sophos_UTM_for_CEF

amirzargaran's Repositories

amirzargaran/ArcSight-TheHive-Alert

amirzargaran/ArcSight_vs_Zabbix

amirzargaran/CEFforWallix

amirzargaran/nginx_vs_ArcSight

amirzargaran/alerting

amirzargaran/AlertLogic_Waf4CEF

amirzargaran/arcsight-parsers

amirzargaran/ArcSight-Zulip-Alert

amirzargaran/Sophos_Mail_Gateway_for_ArcSight_CEF

amirzargaran/Sophos_UTM_for_CEF

amirzargaran/ArcSight_Vs_PaloAlto

amirzargaran/ArcSight_Vs_Solarwinds

amirzargaran/Cortex

amirzargaran/elastalert2

amirzargaran/IBMBigfix_Vs_ArcSight

amirzargaran/Ldap2CEF

amirzargaran/MISP

amirzargaran/OpenSearch

amirzargaran/opensearch-build

amirzargaran/OSSEC_Vs_ArcSight

amirzargaran/Splunkenizer

amirzargaran/TA-thehive-cortex

amirzargaran/TheHive

amirzargaran/ThreatHunting

amirzargaran/ThreatIngestor