FranticTyping
commented
3 days ago Hey @PowerPress
There's no built-in way to run Chainsaw across the network. There are a couple of options you could explore though:
1.) Set up WEF forwarding to centralise event logs to a single machine 2.) Setup Velociraptor and use the Chainsaw module to run it remotely: https://docs.velociraptor.app/exchange/artifacts/pages/windows.eventlogs.chainsaw/
Thanks!
Can this be run across network without?
If not what is the typical workflow?
For each machine export all the event logs and in a seperate directory and run chainsaw against each?