Spl-Alert-Creator is a tool designed to bridge the gap between threat intelligence and actionable alerts in Splunk. By leveraging the MITRE ATT&CK framework, this project automates the process of finding Search Processing Language (SPL) rules associated with specific T-codes (technique IDs) and advanced persistent threats (APTs), and turns them into alerts. It simplifies the development of security monitoring and threat detection strategies for cybersecurity teams.
python3 main_menu.py
You then pick the T-code you want to look up and create alerts for.
These alerts can be loaded into Splunk to make detection much easier.
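The workflow described above (technique ID in, SPL rule out, alert ready to load into Splunk) can be illustrated end to end. The block below is an added example, not Spl-Alert-Creator's own code: the T-code-to-SPL catalogue is a constructed sample (the project's real rule set is not reproduced here), the field names are illustrative, and the output is a `savedsearches.conf` stanza using standard Splunk scheduled-alert keys.

```python
"""Generate Splunk savedsearches.conf alert stanzas from MITRE ATT&CK technique IDs.

Added illustration of the T-code -> SPL -> alert workflow; it is not the
Spl-Alert-Creator code. The catalogue below is a constructed sample, not the
project's rule set, and its field names are illustrative only."""
import re

# Constructed sample catalogue: technique ID -> (short alert name, SPL search).
TECHNIQUE_CATALOG = {
    "T1059.001": (
        "PowerShell encoded command",
        'index=windows EventCode=4688 New_Process_Name="*powershell.exe" '
        '(Process_Command_Line="*-enc *" OR Process_Command_Line="*-EncodedCommand*")',
    ),
    "T1053.005": (
        "Scheduled task created",
        "index=windows EventCode=4698",
    ),
    "T1110": (
        "Logon brute force",
        "index=windows EventCode=4625 | stats count by src | where count > 20",
    ),
}

# ATT&CK technique IDs: 'T' + four digits, optional '.NNN' sub-technique suffix.
T_CODE_RE = re.compile(r"^T\d{4}(?:\.\d{3})?$")


def validate_t_code(t_code):
    """Return True when t_code has the ATT&CK technique/sub-technique form."""
    return bool(T_CODE_RE.match(t_code))


def lookup_spl(t_code):
    """Return (alert_name, spl) for a catalogued T-code; reject bad or unknown IDs."""
    if not validate_t_code(t_code):
        raise ValueError(f"malformed technique ID: {t_code!r}")
    if t_code not in TECHNIQUE_CATALOG:
        raise KeyError(f"no SPL rule catalogued for {t_code}")
    return TECHNIQUE_CATALOG[t_code]


def build_alert_stanza(t_code, cron="*/15 * * * *", earliest="-15m", severity=4):
    """Build one scheduled-alert stanza for savedsearches.conf.

    The keys (search, cron_schedule, dispatch.*, enableSched, alert_type,
    alert_comparator, alert_threshold, alert.severity, alert.track) are standard
    Splunk saved-search settings; the alert fires when the search returns any event.
    severity 4 is Splunk's 'high'."""
    name, spl = lookup_spl(t_code)
    lines = [
        f"[MITRE {t_code} - {name}]",
        f"search = {spl}",
        f"cron_schedule = {cron}",
        f"dispatch.earliest_time = {earliest}",
        "dispatch.latest_time = now",
        "enableSched = 1",
        "alert_type = number of events",
        "alert_comparator = greater than",
        "alert_threshold = 0",
        f"alert.severity = {severity}",
        "alert.track = 1",
        "disabled = 0",
    ]
    return "\n".join(lines)


def build_savedsearches(t_codes):
    """Concatenate stanzas for several T-codes; return (conf_text, skipped_ids)."""
    stanzas, skipped = [], []
    for t_code in t_codes:
        try:
            stanzas.append(build_alert_stanza(t_code))
        except (KeyError, ValueError):
            skipped.append(t_code)
    return "\n\n".join(stanzas), skipped


if __name__ == "__main__":
    conf, missing = build_savedsearches(["T1059.001", "T1110", "T9999"])
    print(conf)
    if missing:
        print(f"# no rule for: {', '.join(missing)}")
```

The generated text is meant to be appended to a `savedsearches.conf` in a Splunk app's `local` directory; the schedule and lookback window are kept aligned (every 15 minutes over the last 15 minutes) so no event window is skipped or double-alerted, and unknown or malformed T-codes are reported rather than silently dropped.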