Office 365 dashboards
A collection of Kibana dashboards to provide a holistic view of Microsoft Office 365 environments
Sigma Sysmon detection rules
A collection of rules based on the Sigma detection rules for Windows Sysmon events based on Winlogbeat data.
Sigma Windows inbuilt detection rules
A collection of rules based on the Sigma rules for Windows (inbuilt folder) based on Winlogbeat data .
Sigma Windows Process Creation detection rules
A collection of rules based on the Sigma rules for Windows (process creation folder) based on Winlogbeat data .
Cloudflare Kibana dashboards
Cloudflare dashboards and ingest pipelines to visualize cloudflare logs
Sigma AWS Cloudtrail Detection rules
A collection of rules based on the Sigma rules for AWS based on the Filebeat AWS module and Elastic agent integration.
OpenSIEM Logstash Parsing
Logstash Parsing Configurations for Elastic SIEM parses many different sources into ECS
Sigma detection rules for proxy server logs
A collection of rules based on the Sigma detection rules for proxy server and web server looks, e.g. zeek or suricata.
The search results are evaluated by ElasticPress using Elasticsearch clusters from Elastic Cloud.