search

ceramicskate0 / SWELF

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.
https://ceramicskate0.github.io/SWELF/
GNU Affero General Public License v3.0
24 stars 7 forks source link

Ability to centralize config #23

Closed ceramicskate0 closed 6 years ago

ceramicskate0 commented 6 years ago

Sysvol is a read only Dir that all machines on a domain can read (for GPO). This would be perfect if the app could read its config from that location and execute. I will require SMB yes but that is required anyways. Dir is read only by default and only admins can change files there. This will also help with securing config file to admins.

Idea here is have app read config files from UNC path. This could be done by local config file pointing to UNC path Need to add feature/option in config to do this. If this is read the app will then ignore all other setting except to read UNC config

ceramicskate0 commented 6 years ago

new idea is http web server hosting config file to pull from. Old idea ha IO issues

ceramicskate0 commented 6 years ago

if web server hosted then any web server will work. Testing could even be with simple py web server

ceramicskate0 commented 6 years ago

central config success in early testing.

ceramicskate0 commented 6 years ago

will now work with any web server it can get to