fluent-plugin-splunk-hec - This is the Fluentd output plugin for sending events to Splunk via HEC.

  •        431

Fluentd output plugin to send events and metrics to Splunk over the HEC (HTTP Event Collector) API. The basic example configuration simply tells the plugin to send events to Splunk HEC at https://12.34.56.78:8088 (https is the default protocol), using the HEC token 00000000-0000-0000-0000-000000000000. It uses whatever index, source and sourcetype are configured on the HEC side, and the host field of each event is the hostname of the machine running fluentd.

https://github.com/splunk/fluent-plugin-splunk-hec

Related Projects

Fluent Bit - Fast and Lightweight Logs and Metrics processor

  •    C

Fluent Bit is a fast log processor and forwarder. It collects log events or metrics from different sources, processes them and delivers them to different backends such as Fluentd, Elasticsearch, Splunk, DataDog, Kafka, New Relic, Azure services, AWS services, Google services, NATS, InfluxDB or any custom HTTP endpoint. It also comes with full SQL stream processing capabilities: data manipulation and analytics using SQL queries.

docker-splunk - Docker Splunk Enterprise image

  •    Shell

This is the official repository for the Splunk Enterprise and Splunk universal forwarder Docker effort. It contains Dockerfiles that you can use to build Splunk Docker images. To learn more about the Splunk Enterprise Docker image, see the Splunk Enterprise Docker image README.

docker-splunk-legacy - Docker Splunk Enterprise image

  •    Shell

This is the official repository for the Splunk Enterprise and Splunk universal forwarder Docker effort. It contains Dockerfiles that you can use to build Splunk Docker images. To learn more about the Splunk Enterprise Docker image, see the Splunk Enterprise Docker image README.

splunk-sdk-python - Splunk Software Development Kit for Python

  •    Javascript

Splunk Software Development Kit for Python

Free Windows Network User Accounting

  •    Perl

FWNUA (Free Windows Network User Accounting) runs silently in a Windows login script and collects data about user logins. It allows more freedom in standardized computer naming. FWNUA keeps track of the workstations so you don't have to! FWNUA now supports syslog and Splunk! A fork of the current 3.0 version can now be downloaded; look for "fwnua - syslog" in the files list. Use Splunk or your own syslog server with data mining tools to create a robust user tracking system.


gnomock - Test your code without writing mocks with ephemeral Docker containers 📦 Setup popular services with just a couple lines of code ⏱️ No bash, no yaml, only code 💻

  •    Go

Gnomock is an integration and end-to-end testing toolkit. It uses Docker to create temporary containers for application dependencies, set up their initial state and clean them up at the end. Gnomock lets you test your code without mocks wherever possible. The power of Gnomock is in its variety of Presets, each implementing a specific database, service or other tool. Each preset provides ways of setting up its initial state as easily as possible: SQL schema creation, test data upload into S3, sending test events to Splunk, etc.

Clarity - Web interface for the grep

  •    Ruby

Clarity is a Splunk-like web interface for your server log files. It supports searching (using grep) as well as tailing log files in real time. It is written using an event-based architecture built on EventMachine, which allows real-time search of very large log files.

angulartics - Analytics for AngularJS applications.

  •    Javascript

Note: we are dropping support for NuGet. You can also use $analyticsProvider.withBase(true) instead of $analyticsProvider.withAutoBase(true) if you are using a <base> HTML tag.

angulartics2 - Vendor-agnostic analytics for Angular2 applications.

  •    TypeScript

Pass string literals or regular expressions to exclude routes from automatic pageview tracking. By default, it removes IDs matching this pattern (i.e. either all numeric or UUID): ^\d+$|^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$

ThreatHunter-Playbook - A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns

A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns by leveraging Sysmon and Windows event logs. This project provides specific chains of events exclusively at the host level so that you can take them and develop logic to deploy queries or alerts in your preferred tool or format, such as Splunk, ELK, Sigma, GrayLog, etc. The repo follows the structure of the MITRE ATT&CK framework, which categorizes post-compromise adversary behavior into tactical groups. In addition, it provides information about hunting tools and platforms developed by the infosec community for testing and enterprise-wide hunting. Can't wait to see other hunters' pull requests with awesome ideas to detect advanced patterns of behavior. The more chains of events you contribute, the better this playbook will be for the community.

angle-grinder - Slice and dice log files on the command line

  •    Rust

Slice and dice log files on the command line. Angle-grinder allows you to parse, aggregate, sum, average, percentile, and sort your data, and you can watch the results live-updating in your terminal. Angle-grinder is designed for when, for whatever reason, you don't have your data in graphite/honeycomb/kibana/sumologic/splunk/etc. but still want to be able to do sophisticated analytics.

sigma - Generic Signature Format for SIEM Systems

  •    Python

Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. The rule format is very flexible, easy to write and applicable to any type of log file. The main purpose of this project is to provide a structured form in which researchers or analysts can describe the detection methods they have developed and make them shareable with others. Sigma is for log files what Snort is for network traffic and YARA is for files.

watchtower - Python CloudWatch Logging: Log Analytics and Application Intelligence

  •    Python

Watchtower is a log handler for Amazon Web Services CloudWatch Logs. CloudWatch Logs is a log management service built into AWS. It is conceptually similar to services like Splunk and Loggly, but is more lightweight, cheaper, and tightly integrated with the rest of AWS.

ACE - Automated, Collection, and Enrichment Platform

  •    PowerShell

The Automated Collection and Enrichment (ACE) platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports collecting from Windows, macOS, and Linux hosts. ACE is meant to simplify the process of remotely collecting data across an environment by offering credential management, scheduling, centralized script management, and remote file downloading. ACE is designed to complement a SIEM by collecting and enriching data; final analysis is best suited to SIEM tools such as Splunk, ELK, or whatever tools the analyst prefers.

hec mambo contribs

  •    PHP

Easy-to-use, fully parameterized templates; modules: modified newsflash, slideshow and graphical menu; German informal language pack; patches to Mambo. Tested on 4.6.5, but should work from 4.6.2 on. See http://www.hec.co.at for detailed descriptions.

OrangeFS - Scale-out Network File System

  •    C

OrangeFS is a scale-out network file system designed for use on high-end computing (HEC) systems that provides very high-performance access to multi-server-based disk storage, in parallel. The OrangeFS server and client are user-level code, making them very easy to install and manage. OrangeFS has optimized MPI-IO support for parallel and distributed applications, and it is leveraged in production installations and used as a research platform for distributed and parallel storage.

fluent-logger-python - A structured logger for Fluentd (Python)

  •    Python

Many web/mobile applications generate huge amounts of event logs (e.g. login, logout, purchase, follow, etc.). Analyzing these event logs can be really valuable for improving the service. However, the challenge is collecting these logs easily and reliably. Fluentd solves that problem by offering easy installation, a small footprint, plugins, reliable buffering, log forwarding, etc.

fluent-plugin-elasticsearch

  •    Ruby

NOTE: For the v0.12 version, you should use the 1.x.y version. Please send patches to the v0.12 branch if you encounter a bug in the 1.x version. NOTE: This documentation is for fluent-plugin-elasticsearch 2.x or later. For 1.x documentation, please see the v0.12 branch.

vuex-orm - The Vuex plugin to enable Object-Relational Mapping access to the Vuex Store.

  •    Javascript

Vuex ORM is a plugin for Vuex that enables Object-Relational Mapping access to the Vuex Store. Vuex ORM lets you create a "normalized" data schema within the Vuex Store with relationships such as "Has One" and "Belongs To Many", like any other ORM library. It also provides a fluent API to get, search and update Store state. Vuex ORM is heavily inspired by the Redux recipes "Normalizing State Shape" and "Updating Normalized Data". Learn more about the concept and motivation of Vuex ORM at "What Is Vuex ORM?".