Giter Site home page Giter Site logo

truvis / splunkdashboards Goto Github PK

View Code? Open in Web Editor NEW
57.0 8.0 12.0 99 KB

Collection of Dashboards for Threat Hunting and more!

splunk splunk-application splunk-enterprise splunk-addon splunk-http splunk-impact-cloud splunk-alerts dashboard dashboards dashboard-templates

splunkdashboards's Introduction

be sure to star and follow this project if you like it. By doing so it lets me know which of my works people enjoy the most so development can be prioritized

Dashboards

When I started teaching myself Splunk and saw that you could create dashboards, I quickly became addicited and started building out as many ideas as I possibly could. The goal is to figure out how to package these into an app that can be quickly deployed and configured to any splunk instance.

The other part that inspired this was to build out a Threat Hunting envirnment for trying to detect attacks and also learning how to not get noticed when doing red team engagments.

Be sure to drop ideas and improvements! I'm still learning and would enjoy other's viewpoints!

  • TODO: Add colors across all dashboards
  • TODO: Standardize naming of fields
  • TODO: Add summary of what each dashboard does
  • TODO: List configuration settings and requirements on hosts such as index, sourcetype, source

Windows

Configuration

Dashboards

User Windows Security Overview [MAIN]

2020_09_22_06_11_24_Truvis_User_Windows_Security_Overview_MAIN_Splunk_8 0 5

Host Windows Security Overview [MAIN]

2020_09_22_06_13_32_Truvis_Host_Windows_Security_Overview_MAIN_Splunk_8 0 5

Linux

Configuration

Dashboards

User Linux Security Overview [MAIN]

2020_09_22_05_54_26_What_is_Penetration_Testing_Step_By_Step_Process_Methods_Imperva

Host Linux Security Overview [MAIN]

TODO: Update to use the new linux history TA to get src_ip 2020_09_22_06_06_47_What_is_Penetration_Testing_Step_By_Step_Process_Methods_Imperva

Host Linux Dashboard by ENDPOINT [SUB]

TODO: Still under development and needs to be update to pull from new sources 2020_09_22_06_07_52_Truvis_Host_Linux_Dashboard_by_ENDPOINT_SUB_Splunk_8 0 5

Suricata

Configuration

Dashboards

Suricata Network Overview [MAIN]

TODO: Add the ability to exclude in filter 2020_09_22_06_15_56_What_is_Penetration_Testing_Step_By_Step_Process_Methods_Imperva

Suricata Host Overview [SUB]

TODO: Needs HOST input added for host control 2020_09_22_06_17_09_Truvis_Suricata_Host_Overview_SUB_Splunk_8 0 5

Suricata Categories Overview [SUB]

2020_09_22_06_18_25_Truvis_Suricata_Categories_Overview_SUB_Splunk_8 0 5

Suricata Signature Overview [SUB]

2020_09_22_06_19_14_Truvis_Suricata_Signature_Overview_SUB_Splunk_8 0 5

Network

Configuration

Dashboards

Network Intelligence Overview [MAIN]

TODO: Need threatintel list for refference 2020_09_22_06_20_59_Truvis_Network_Intelligence_Overview_MAIN_Splunk_8 0 5

Network Intelligence by ENDPOINT [SUB]

TODO: Need threatintel list for refference 2020_09_22_06_22_06_Truvis_Network_Intelligence_by_ENDPOINT_SUB_Splunk_8 0 5

Blocked Out Going Connections BY IP [MAIN]

2020_09_22_06_23_31_Truvis_Blocked_Out_Going_Connections_BY_IP_MAIN_Splunk_8 0 5

Blocked Out Going Connections by ENDPOINT [SUB]

TODO: Needs host control 2020_09_22_06_24_54_Truvis_Blocked_Out_Going_Connections_by_ENDPOINT_SUB_Splunk_8 0 5

Threat Hutning

Configuration

Dashboards

Truvis-Threat Intelligence Windows Accounts [MAIN]

2020-10-17 12_34_22-Truvis-Threat Intelligence Windows Accounts MAIN _ Splunk 8 0 5

Truvis-Threat Intelligence Network [MAIN]

2020-10-17 12_33_38-root@splunk_~

Zeek

Configuration

Dashboards

splunkdashboards's People

Contributors

truvis avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

fulmicoton ctfbuster vibu001 cnd-ninja chengchong010 jmatthewsmetrostar zohorul shawnhank kai-r darksidesfear l1wan9 drakevonduck

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.