-
Pipeline winlogbeat-8.9.2-security returns the following error.message:
> Processor "script" with tag "Set User Account Control" in pipeline "winlogbeat-8.9.2-security" failed with message "For in…
-
Dear Omer,
Awesome work on this library, it is really blazing fast.
I hope you can help me with the following question about the JSON serializer. I would like to alter the JSON data that is out…
-
Hi,
I'm using python to pull event logs from a remote machine using the ms-even6 interface (https://msdn.microsoft.com/en-us/library/cc231282.aspx).
I used EvtRpcRegisterLogQuery and EvtRpcQueryNext fu…
-
A lot of awesome links already. I have some more in my notes:
# EDRs
![image](https://github.com/user-attachments/assets/b997301d-55c6-467d-8b0c-8f4604b9ba13)
[OpenEDR](https://github.co…
dobin updated 2 weeks ago
-
[extract_windows.go#L176](https://github.com/Velocidex/evtx/blob/191dc946afdfe19b5447bc2dadd0f31f3ecb66f0/cmd/extract_windows.go#L176) causes extraction to skip some potentially useful DLLs.
Withou…
-
Explorer.exe hangs while I navigate between directories.
win 7 x64
DokanSetup-1.0.0.5000
ACDDokan 1.6.4
Trial Amazon Drive
And I can't even taskkill this process.
-
Strengthen the log detection for domain controllers, and I recommend the https://github.com/Qihoo360/WatchAD2.0 project to you.
There are domain-related attack detections here, and I hope the next version of the too…
-
Hi!
Are there any plans to implement plain [sigma](https://github.com/Neo23x0/sigma) support for log scanning?
Would be a great feature to have the ability to scan log files with plain sigma rul…
-
## Summary
The FreeBSD 13 file `/var/log/utx.lastlogin` is not processed by `s4`. Error message:
```text
ERROR: find_entry(0) failed; buffer of len 280 given too little data 197 for "/var/log/utx.last…
```
-
```
Please add filtering on log files.
That is/could be a great plus point.
best regards
Thomas
```
Original issue reported on code.google.com by `tho...@warnick.de` on 2 Jul 2012 at 2:23