Burnham Forensics ELK Deployment Files

Configuration, filter, and rule files for the ELK (Elasticsearch, Logstash, Kibana) installations used by Burnham Forensics. The contents of this repository are dynamic and are updated continually in response to new threats and to Elastic Stack updates.

Contents

The contents of this repository include:

  • Logstash Pipeline Files (SSL & Non-SSL)
  • Microsoft Sysinternals' Sysmon Configuration Files
  • Winlogbeat Configuration Files
  • Generic Elastalert Rules

Credit

This work would not be possible without the work of others. Their work is credited where it appears; the contributors and their respective projects are listed below:

  • Roberto Rodriguez (@Cyb3rWard0g) - HELK Project: Logstash and Winlogbeat configuration/pipeline files
    https://github.com/Cyb3rWard0g/HELK
  • SwiftOnSecurity - Sysmon-Config: crowd-sourced Sysmon configuration file template for high-quality event tracing
    https://github.com/SwiftOnSecurity/sysmon-config
