-
**Describe the work**
VssTester should export event logs in evtx format instead of xml
**Additional Context**
Currently the script exports the logs in XML format, which is tedious to analyze inste…
-
Hello,
Running LogonTracer within Docker following the wiki instructions, no problem getting it up and running on port 8080.
I upload the Security DC log in EVTX format and the upload goes fine.
w…
-
Is it possible to tail evtx files, using a custom ReadSeek?
-
For all general issues, please provide the following details for fast resolution:
- Version: Logstash 5.6
- Operating System: Linux
- Config
e.g. path => "/data/event_log/xxx.evtx"
- Sample D…
-
# sysmon_11_1_15_WScriptBypassUAC.evtx
The event file can be [downloaded here 🔗](https://github.com/sbousseaden/EVTX-ATTACK-SAMPLES/raw/master/Privilege%20Escalation/sysmon_11_1_15_WScriptBypassUAC…
-
Hi,
I came across a possible bug in one of your rules.
https://github.com/SigmaHQ/sigma/blob/master/rules/windows/builtin/security/win_security_dcsync.yml#L29
The rule didn't match this event…
-
Since `--low-memory-mode` cannot sort or remove duplicate entries, it would be nice to have a command that can do this in post-processing. `sort-csv`: `sort and remove duplicate detections`
@hitenk…
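The post-processing step requested above, written as an added example rather than the project's own code: read a detections CSV, drop exact duplicate rows, and sort the survivors by timestamp. The column names (`timestamp`, `detections`, `path`, `event_id`) and the sample rows are constructed for this example and are not any tool's real output schema; duplicates are identified by a SHA-256 digest of the whole row so that the seen-set stays small even for CSVs produced in a low-memory run.

```python
import csv
import hashlib
import io
from datetime import datetime

# Constructed sample in the shape of a detections CSV: one row per hit, with
# an exact duplicate and rows out of chronological order. The column names
# are an assumption for this example, not a particular tool's real schema.
SAMPLE_CSV = """timestamp,detections,path,event_id
2023-05-01T10:15:00Z,Suspicious PowerShell,Security.evtx,4688
2023-05-01T09:00:00Z,DCSync,Security.evtx,4662
2023-05-01T10:15:00Z,Suspicious PowerShell,Security.evtx,4688
2023-05-01T09:30:00Z,Suspicious Service Install,System.evtx,7045
"""


def row_digest(row):
    """Stable identity for a whole row: SHA-256 of its values in header order.

    Keeping a 32-byte digest per distinct row, rather than the row itself,
    bounds the memory used by the seen-set when the CSV is large.
    """
    joined = "\x1f".join(str(v) for v in row.values())
    return hashlib.sha256(joined.encode("utf-8")).digest()


def parse_timestamp(value):
    """Sort key for ISO-8601 UTC timestamps; rows that do not parse sort last."""
    try:
        return (0, datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ"))
    except (TypeError, ValueError):
        return (1, datetime.min)


def sort_and_dedup(text, sort_column="timestamp"):
    """Return (unique rows sorted by sort_column, duplicates dropped, fieldnames)."""
    reader = csv.DictReader(io.StringIO(text))
    seen = set()
    unique = []
    dropped = 0
    for row in reader:
        digest = row_digest(row)
        if digest in seen:
            dropped += 1
            continue
        seen.add(digest)
        unique.append(row)
    unique.sort(key=lambda r: parse_timestamp(r.get(sort_column)))
    return unique, dropped, reader.fieldnames


def write_csv(rows, fieldnames):
    """Serialise the cleaned rows back to CSV text with the original header."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=fieldnames, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return out.getvalue()


if __name__ == "__main__":
    rows, dropped, fields = sort_and_dedup(SAMPLE_CSV)
    print(write_csv(rows, fields), end="")
    print(f"dropped {dropped} duplicate row(s)")
```

Deduplication is on the full row, so two detections that differ only in a path or an event field are both kept; if a looser notion of "duplicate" is wanted (same rule and same event, regardless of source file), restrict `row_digest` to the columns that define it.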
-
After logs are uploaded, the system cannot search for logs. If you click Search, the message "WARNING: Search failed!" is displayed. The Evtx XML has been uploaded successfully.
-
### Problem
Currently, only one "depth" of compressed or archived file is supported.
e.g. it can read `syslog` stored in `logs.tar`, but cannot read `syslog.gz` in `logs.tar`, nor `logs.tar` stored in `…
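A recursive reader for the nested case described above, as an added example that is not the project's own code: each `.gz` layer is decompressed and each `.tar` layer is opened, until a plain file is reached, so `syslog.gz` inside `logs.tar` inside `outer.tar.gz` resolves to one leaf. The sample archive is constructed in memory. Because arbitrary nesting invites decompression bombs and endless container-in-container chains, the example enforces a maximum depth and a total decompressed-size budget; both limits (`MAX_DEPTH`, `MAX_OUTPUT`) are assumptions for this example.

```python
import gzip
import io
import tarfile

MAX_DEPTH = 8                   # containers nested inside containers (assumption)
MAX_OUTPUT = 64 * 1024 * 1024   # total decompressed bytes we will emit (assumption)


def iter_leaf_files(name, data, depth=0, budget=None):
    """Yield (virtual_path, bytes) for every plain file reachable from `data`.

    `.gz` is decompressed and `.tar` is opened, recursively. Depth and size
    limits bound what a hostile archive can make this function do.
    """
    if budget is None:
        budget = [MAX_OUTPUT]          # shared, mutable across the recursion
    if depth > MAX_DEPTH:
        raise ValueError(f"{name}: nesting deeper than {MAX_DEPTH}")

    if name.endswith(".gz"):
        # Stream at most one byte past the remaining budget so a gzip bomb
        # cannot inflate fully into memory before we notice.
        with gzip.GzipFile(fileobj=io.BytesIO(data)) as gz:
            inner = gz.read(budget[0] + 1)
        if len(inner) > budget[0]:
            raise ValueError(f"{name}: decompressed output exceeds {MAX_OUTPUT} bytes")
        yield from iter_leaf_files(name[:-3], inner, depth + 1, budget)
        return

    if name.endswith(".tar"):
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tf:
            for member in tf.getmembers():
                if not member.isfile():
                    continue           # skip directories, symlinks, devices
                payload = tf.extractfile(member).read()
                yield from iter_leaf_files(f"{name}/{member.name}", payload,
                                           depth + 1, budget)
        return

    budget[0] -= len(data)             # charge the budget once, at the leaf
    if budget[0] < 0:
        raise ValueError(f"{name}: decompressed output exceeds {MAX_OUTPUT} bytes")
    yield name, data


def _tar_bytes(entries):
    """Build an uncompressed tar in memory from {name: bytes}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for entry_name, content in entries.items():
            info = tarfile.TarInfo(entry_name)
            info.size = len(content)
            tf.addfile(info, io.BytesIO(content))
    return buf.getvalue()


def build_sample():
    """Constructed input: syslog.gz and auth.log inside logs.tar inside outer.tar.gz."""
    syslog = b"May  1 09:00:01 host sshd[123]: Accepted publickey for root from 10.0.0.5\n"
    auth = b"May  1 09:00:02 host sudo: root : TTY=pts/0 ; COMMAND=/bin/bash\n"
    logs_tar = _tar_bytes({"syslog.gz": gzip.compress(syslog), "auth.log": auth})
    outer_tar = _tar_bytes({"logs.tar": logs_tar})
    return "outer.tar.gz", gzip.compress(outer_tar)


def read_all(name, data):
    """Convenience wrapper: {virtual_path: bytes} for every leaf file."""
    return {path: content for path, content in iter_leaf_files(name, data)}


if __name__ == "__main__":
    sample_name, sample_data = build_sample()
    for path, content in iter_leaf_files(sample_name, sample_data):
        print(f"{path}: {len(content)} bytes")
```

Dispatch on the file extension is the simple choice and matches how the issue describes its inputs; a reader that also has to cope with mislabelled files would sniff magic bytes (`1f 8b` for gzip, `ustar` at offset 257 for tar) instead. Note that `gzip.GzipFile.read(n)` is what makes the size cap effective: `gzip.decompress` would inflate the whole stream before any check could run.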
-
Hi,
I'm getting this error while parsing small, big, evtx or xml files from my personal workstation.
Same error via GUI or CLI:
python3 logontracer.py --delete -x ../xxxx.xml -z +2 -u neo4j -…