Simple Windows Event Log Forwarder (SWELF). It's an easy-to-use log forwarder and EVTX parser that simply works. It is almost in full release at https://github.com/ceramicskate0/SWELF/releases/latest.
Should SWELF be configurable to do initial incident response via remote deployment, scanning Windows Event Logs using its central configuration feature? Post or contact me on Twitter with what you think.