{"payload":{"pageCount":5,"repositories":[{"type":"Public","name":"CorelightForSplunk","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":null,"participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-27T12:15:43.247Z"}},{"type":"Public","name":"block-corelight-chronicle","owner":"corelight","isFork":false,"description":"Looker Dashboards for Chronicle","allTopics":[],"primaryLanguage":{"name":"LookML","color":"#652B81"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":4,"license":"MIT License","participation":[0,0,0,1,2,0,0,1,0,4,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-27T10:32:42.156Z"}},{"type":"Public","name":"ecs-templates","owner":"corelight","isFork":false,"description":"Corelight or Zeek Elastic Common Schema Templates","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":2,"starsCount":7,"forksCount":4,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,2,1,1,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,2,0,1,0,0,0,0,0,0,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T22:33:25.396Z"}},{"type":"Public","name":"ecs-logstash-mappings","owner":"corelight","isFork":false,"description":"Mapping Corelight or Zeek data to Elastic Common Schema logs","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":1,"starsCount":11,"forksCount":4,"license":"BSD 3-Clause \"New\" or \"Revised\" 
License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T22:32:50.943Z"}},{"type":"Public","name":"ecs-mapping","owner":"corelight","isFork":false,"description":"Mapping Corelight or Zeek data to Elastic Common Schema fields","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":1,"starsCount":33,"forksCount":14,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T22:31:27.675Z"}},{"type":"Public","name":"zeek-netsupport-detector","owner":"corelight","isFork":false,"description":"A Zeek based NetSupport detector. NetSupport is often abused by attackers in malware.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,4,1,0,0,0,0,0,0,0,0,0,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T14:35:05.850Z"}},{"type":"Public","name":"terraform-azure-enrichment","owner":"corelight","isFork":false,"description":"Terraform for Corelight's Azure Cloud Enrichment.","allTopics":["cloud","enrichment","azure","terraform","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"MIT 
License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,1,0,1,0,0,0,0,0,0,0,0,0,0,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-23T19:47:50.497Z"}},{"type":"Public","name":"Zeek-CVE-Enrichment","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":1,"license":"Other","participation":[1,2,1,0,0,0,0,0,0,0,0,4,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-23T17:35:08.071Z"}},{"type":"Public","name":"Chronicle","owner":"corelight","isFork":false,"description":"Chronicle parser for CORELIGHT and related information.","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":3,"forksCount":4,"license":null,"participation":[4,2,1,0,0,3,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-23T13:18:00.821Z"}},{"type":"Public","name":"packet_replay","owner":"corelight","isFork":false,"description":"Send pcaps via GENEVE or VXLAN tunnels","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":null,"participation":[0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,1,1,0,2,0,0,0,0,0,0,1,1,2,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-22T16:21:40.059Z"}},{"type":"Public","name":"zeek-spicy-ipsec","owner":"corelight","isFork":false,"description":"A Zeek IPSec protocol analyzer based on Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":6,"forksCount":5,"license":"BSD 3-Clause \"New\" or \"Revised\" 
License","participation":[0,0,0,3,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-22T15:32:59.842Z"}},{"type":"Public","name":"suricata_exporter","owner":"corelight","isFork":false,"description":"A Prometheus Exporter for Suricata","allTopics":["prometheus","prometheus-exporter","suricata"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":2,"starsCount":15,"forksCount":11,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-21T09:22:41.766Z"}},{"type":"Public","name":"terraform-gcp-sensor","owner":"corelight","isFork":false,"description":"Terraform for Corelight's GCP Cloud Sensor Deployment.","allTopics":["cloud","terraform","sensor","gcp","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,4,0,1,0,0,0,0,0,0,0,1,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-20T17:00:29.266Z"}},{"type":"Public","name":"terraform-gcp-enrichment","owner":"corelight","isFork":false,"description":"Terraform for Corelight's GCP Cloud Enrichment.","allTopics":["cloud","enrichment","terraform","gcp","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,1,0,1,0,1,0,0,0,0,0,0,0,0,1,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-07T23:03:06.830Z"}},{"type":"Public","name":"zeek-spicy-ospf","owner":"corelight","isFork":false,"description":"A Zeek OSPF packet analyzer based on 
Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":7,"forksCount":2,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-06T16:18:29.444Z"}},{"type":"Public","name":"ExtendIntel","owner":"corelight","isFork":false,"description":"This package extends the Intel package to log more fields","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"Other","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,3,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-30T13:35:37.107Z"}},{"type":"Public","name":"Zeek-Endpoint-Enrichment","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":1,"license":"Other","participation":[1,3,0,0,0,0,0,0,0,0,0,2,0,0,0,0,5,0,0,7,0,0,0,0,0,0,0,5,0,0,0,0,0,3,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-24T17:08:52.119Z"}},{"type":"Public","name":"terraform-aws-sensor","owner":"corelight","isFork":false,"description":"Terraform for Corelight's AWS Cloud Sensor Deployment.","allTopics":["aws","cloud","terraform","sensor","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"MIT 
License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,4,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-22T20:54:30.085Z"}},{"type":"Public","name":"terraform-aws-enrichment","owner":"corelight","isFork":false,"description":"Terraform for Corelight's AWS Cloud Enrichment.","allTopics":["aws","cloud","enrichment","terraform","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,1,0,3,1,2,1,0,0,0,0,0,1,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-18T17:22:05.976Z"}},{"type":"Public","name":"terraform-config-sensor","owner":"corelight","isFork":false,"description":"Terraform for Corelight's Sensor Configuration.","allTopics":["cloud","terraform","sensor","configuration","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-10T21:53:16.805Z"}},{"type":"Public","name":"go-zeek-broker-ws","owner":"corelight","isFork":false,"description":"A Go library for using zeek broker's websocket API","allTopics":[],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":2,"starsCount":1,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-01T23:51:21.717Z"}},{"type":"Public","name":"terraform-azure-sensor","owner":"corelight","isFork":false,"description":"Terraform for Corelight's Azure Cloud Sensor Deployment.","allTopics":["cloud","azure","terraform","sensor","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"MIT 
License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-01T18:07:00.270Z"}},{"type":"Public","name":"zeek-agenttesla-detector","owner":"corelight","isFork":false,"description":"A Zeek based Agent Tesla malware C2 detector.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,5,0,0,1,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-26T16:38:46.561Z"}},{"type":"Public","name":"Elasticsearch_rules","owner":"corelight","isFork":false,"description":"Elastic version of SOC prime watcher rules","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":27,"forksCount":4,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,1,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-18T15:52:44.456Z"}},{"type":"Public","name":"json-tcp-lb","owner":"corelight","isFork":false,"description":"line based tcp load balancing proxy.","allTopics":[],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":1,"starsCount":13,"forksCount":3,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-18T15:51:39.485Z"}},{"type":"Public","name":"corelight-cloud","owner":"corelight","isFork":false,"description":"IaC used to deploy Corelight Sensors into various Cloud Providers.","allTopics":["aws","cloud","azure","terraform","templates","gcp","iac"],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"MIT 
License","participation":[0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-04T20:18:35.660Z"}},{"type":"Public","name":"log-add-http-post-bodies","owner":"corelight","isFork":false,"description":"Add POST body excerpt to Bro's HTTP log","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":14,"forksCount":10,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-15T17:44:29.474Z"}},{"type":"Public","name":"hassh","owner":"corelight","isFork":false,"description":"Fingerprint SSH clients and servers.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":3,"forksCount":0,"license":"Other","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-09T06:39:48.905Z"}},{"type":"Public","name":"cve-2021-44228","owner":"corelight","isFork":false,"description":"Log4j Exploit Detection Logic for Zeek","allTopics":["zeek","cve-2021-44228"],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":1,"issueCount":10,"starsCount":18,"forksCount":8,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-04T18:38:58.189Z"}},{"type":"Public","name":"icannTLD","owner":"corelight","isFork":false,"description":"Zeek script using the official ICANN Top-Level Domain (TLD) list with the Input Framework to extract the relevant information from a DNS query and mark whether it's trusted or not. 
The source of the ICANN TLDs can be found here: https://publicsuffix.org/list/effective_tld_names.dat. The Trusted Domains list is a custom list, created by the user…","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":5,"forksCount":6,"license":"Other","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-25T12:51:40.782Z"}}],"repositoryCount":141,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"corelight repositories"}