-
**Environment**
Windows 10 Pro, Python 2.7 and Python 3.6 installed
**Description**
Setting the Python Scope activity's path to the installation folder of Python 27, and selecting the Version to …
-
I'm trying to set up some Windows containers so that their Windows event log directories are mounted to a shared volume with a sidecar task that monitors and ships directly from those log files.
is…
-
I saw that the csv-timeline and json-timeline commands support deduplication using the flag `--remove-duplicate-detections`. I think that is incredibly useful. Unfortunately the logon-summary does not…
-
Hello, I'm trying to use your script to import a Security.evtx file into Elasticsearch 8.4.2 but I'm getting the following error while trying to do so:
```
elasticsearch.BadRequestError: BadReques…
```
-
I tried a lot of different ways to open one of the log files listed under "Applications and Services Logs" in the Eventlog of Windows 7/2008 R2.
Accessing these logs always resulted in an opened "App…
-
First of all thank you for providing this amazing tool.
I was wondering if there might be a way to run bulk extractor, as a part of Brunnhilde, but exclude file carving components of bulk_extractor.…
-
The current jinja2 templates, Vagrant triggers and ansible/shell provisioners assume systems are Debian-based Linux systems. This should ideally be expanded so lab environments can be spun up using th…
-
GUI starts but cannot use it to connect, saying the service isn't running. Starting the service results in an error message: "Access Denied"
Ref: https://theoven.org/viewtopic.php?p=1149#p1149, htt…
-
Would be helpful if chainsaw could provide high level stats detailing the frequency of event code IDs observed in an Event Log, like Eric Zimmerman's `evtxecmd tool`. Potential usage would be `chainsa…
-
Hey guys,
I have observed that the latest version of Chainsaw no longer seems to report Microsoft Defender/AV detection.
I ran both v2.9.0 and v2.8.0 on the same log set, which I know contains…