GithubHelp home page GithubHelp logo

5l1v3r1 / attack-to-elk Goto Github PK

View Code? Open in Web Editor NEW

This project forked from michaelhidalgo/attack-to-elk

0.0 1.0 0.0 3.2 MB

This program exports MITRE ATT&CK framework in ELK dashboard

License: Apache License 2.0

Python 100.00%

attack-to-elk's Introduction

A better way to visualize, filter and search MITRE ATT&CK matrix

This program exports MITRE ATT&CK enterpise matrix into a ELK dashboard. Check out this blog post entry for having better understanding on the benefits of exporting the ATT&CK enterprise matrix into ELK.

Alt text

Visualizing the relationship between MITRE ATT&CK Tactics, Techniques, Groups and Software

Alt text

Filtering out by MITRE ATT&CK Techniques

Alt text

Installation

  1. Clone or fork this repo [email protected]:michaelhidalgo/attack-to-elk.git
  2. Create a virtual environment using virtualenv:
virtualenv env
  1. Activate the virtual environment running source env/bin/activate from the root folder.
  2. Install dependencies from requirements file pip3 install -r requirements.txt
  3. Export following environment variables with Elasticsearch IP address and port:
  export es_hostname='Your ELK IP'
  export es_port='Your ELK port (9200 by default)'
  1. Run the program using Python3:
python3 attack-to-elk.py

Importing ELK artifacts

All visualizations, index patterns and dashboards were exported into an artifact JSON file.

Once you've run the script and indexing the matrix, you can go to Kibana Management -> Saved Objects and Import. From there you can choose the artifacts JSON described above and that's it.

Alt text

attack-to-elk's People

Contributors

michaelhidalgo avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.