Welcome to the LogScale Community Content Repository.
This repository contains Community and Field contributed content for LogScale which includes:
- Complete Packages
- Queries
- Dashboards
- Alerts
- Lookup Files
...as well as Tutorials and FAQs.
NOTE: These are not meant as replacements for the official documentation or the LogScale Package Marketplace. However, please feel free to use and contribute as much as you'd like.
Here's a quick summary of the various folders in this repository contaiming LogScale content:
- Log-Sources:
- Complete packages grouped by vendor and application.
- Queries, dashboards, alerts, etc. grouped by vendor and application
- Config-Samples:
- These folders contain quick starts, configuration examples, and other useful artifacts.
- Parsers-Only:
- Standalone parsers beyond what is in the LogScale Marketplace.
- Queries-Only:
- Standalone queries for LogScale and FLTR, often situational to CVEs and ATT&CK techniques.
The wiki can be found here. It contains various tutorials and guides for LogScale and FLTR.
LogScale Community Content is a community-driven open source project. As such, it carries no formal support, expressed or implied.
Is something going wrong? GitHub Issues are used to report bugs and errors. You can check to see if anyone else has reported the issue or create a new issue here: Report Issue
There are many ways you can contribute to the LogScale Community Content repository.
- Add new vendor content by opening a pull request. More details on this process can be found in the Log-Sources folder: Log-Sources.
- Add new samples by opening a pull request. More details on this process can be found in the Configuration Sample folder: Config-Samples.
- Review pull requests by going through the queue of open pull requests on GitHub and providing feedback to the authors.
- Documenting, blogging, or creating videos, of how you've used LogScale Community Content. This type of content is invaluable and helps our community grow. Open a pull request for inclusion in the LogScale Community Content Wiki section of this page.
- Fix a bug or implement a new feature. Check out our open issues on GitHub for inspiration.
- Providing feedback by opening a GitHub ticket. Even a fly-by "hey, this worked..." is appreciated and helps validate approaches. Ideas on improving the project are most welcome.
To get started, review the Code of Conduct for community guidelines, and the contribution guide for more detail regarding contributing to the LogScale Community Content repository.
