-
Hi,
V3 zircolite_dev.py is working fast and without problems on Linux and Mac. But on Windows we have many strange errors, while master zircolite_dev.py is working smoothly.
PS: first run worked, don't …
-
I've been using your project for a few months as part of a pipeline designed to reconstruct attack scenarios from heterogeneous raw logs (Windows and Linux). So far I've made a wrapper for Zircolite, …
-
python .\zircolite.py --evtx .\7\ --rules C:\PURE7\rules.json
Traceback (most recent call last):
File "C:\RE7\Zircolite\zircolite.py", line 2713, in
main()
File "C:\RE7\Zircolite\zirc…
-
`.\zircolite.exe --version` shows 'Zircolite - v2.30.0' instead of 'Zircolite - v2.30.1'
... irritates the auto-updater of my MemProcFS-Analyzer. :wink:
Thank you!
-
[Info] Latest Release: Zircolite v2.30.1 (2024-10-13)
[Info] Dowloading Latest Release ...
Invoke-WebRequest : Невозможно разрешить удаленное имя: 'github.com'
C:\FRST\1\MemProcFS-Analyzer-v1.1.0…
-
This is what I get when running Updater.ps1 as administrator:
```
Rename-Item : Cannot rename because item at
'E:\_Tools\MemProcFS-Analyzer-v1.1.0\MemProcFS-Analyzer-v1.1.0\Tools\zircolite_win' d…
```
-
Hi,
first of all, congrats for this work!
I'd like to report the following potential bug, while running Zircolite latest version with latest ruleset on a Sysmon EVTX file sample:
- in the Matri…
-
Hi,
I'd like to report the following potential bug, while running Zircolite latest version with latest ruleset on a Sysmon EVTX file sample:
in the Matrix tab of Zircolite Gui, I can see that th…
-
Hi,
I came across your project today and will have a try.
We wonder about the benchmarks of processing 2000 Sigma rules over a 5 GB log, i.e., do you have such benchmarks?
How can we improve the …
-
Hi,
@wagga40
would you consider / would it be possible to use DuckDB instead of SQLite?
for 500 MB JSON:
DuckDB ingestion time: 1.3920 seconds
DuckDB memory usage: 12.11 MB
SQLite ingestion time: 14.328…