wagga40 / Zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
671 stars, 91 forks

Issues (newest first)
#89  v2.30.0  |  wagga40, closed 1 week ago, 0 comments
#88  Potential bug with matrix found item  |  cyb3rxp, opened 1 week ago, 1 comment
#87  Zircolite package  |  a-vine, opened 1 month ago, 1 comment
#86  Some problems when using audit.log  |  hoanga2dtk68, closed 1 month ago, 7 comments
#85  [Snyk] Security upgrade zipp from 3.15.0 to 3.19.1  |  wagga40, closed 2 months ago, 0 comments
#84  [Snyk] Fix for 3 vulnerabilities  |  wagga40, closed 2 months ago, 0 comments
#83  List index Out of range error when using feature with sysmon4linux  |  hoanga2dtk68, closed 2 months ago, 8 comments
#82  Update README.md  |  nasbench, closed 2 months ago, 1 comment
#81  Unable to create table  |  luckman212, closed 2 months ago, 3 comments
#80  [Snyk] Security upgrade zipp from 3.15.0 to 3.19.1  |  wagga40, closed 3 months ago, 0 comments
#79  double quotes in jsonl value prevent certain matches  |  a-vine, closed 2 months ago, 5 comments
#78  End-of-line characters prevent certain matches  |  a-vine, closed 3 months ago, 3 comments
#77  [Snyk] Security upgrade werkzeug from 2.2.3 to 3.0.3  |  wagga40, closed 5 months ago, 0 comments
#76  Correct a bug in MiniGUI  |  wagga40, closed 6 months ago, 0 comments
#75  V2.20.0  |  wagga40, closed 6 months ago, 0 comments
#74  [Snyk] Security upgrade orjson from 3.9.7 to 3.9.15  |  wagga40, closed 7 months ago, 0 comments
#73  [Snyk] Security upgrade aiohttp from 3.8.6 to 3.9.2  |  wagga40, closed 8 months ago, 0 comments
#72  Update docs for pysigma and installation  |  wagga40, closed 9 months ago, 0 comments
#71  [Snyk] Security upgrade werkzeug from 2.2.3 to 2.3.8  |  wagga40, closed 10 months ago, 0 comments
#70  Add CSV and JSON Array formatted logs support  |  wagga40, closed 10 months ago, 0 comments
#69  [Snyk] Security upgrade aiohttp from 3.8.6 to 3.9.0  |  wagga40, closed 10 months ago, 0 comments
#68  [Snyk] Security upgrade werkzeug from 2.2.3 to 3.0.1  |  wagga40, closed 11 months ago, 0 comments
#66  Fix Sysmon Blocked Executable rule  |  mkilijanek, closed 1 year ago, 2 comments
#65  Add options : delimiter for CSV, stop recursion, file pattern  |  wagga40, closed 1 year ago, 0 comments
#64  Linux Parsers do not read Logs with Number at End + CSV Separator Request  |  reece394, closed 1 year ago, 5 comments
#63  Update Mitre Att&ck (c) reference table  |  wagga40, closed 1 year ago, 0 comments
#62  Add the ability to specify the index when forwarding to splunk #61  |  wagga40, closed 1 year ago, 0 comments
#61  Splunk Forwarding  |  Compr0mzd, closed 1 year ago, 9 comments
#60  detected_events.json issue  |  rahmanonik18, closed 1 year ago, 5 comments
#59  Unable to create table  |  giacomoconti1978, closed 1 year ago, 3 comments
#58  Add field alias and field splitting (Hash/hashes in Sysmon)  |  wagga40, closed 1 year ago, 0 comments
#57  mapping hashes/hash to individual hashes  |  wmetcalf, closed 1 year ago, 5 comments
#56  ModuleNotFoundError: No module named 'elasticsearch'  |  dalifig, closed 1 year ago, 3 comments
#55  export to ES not reliable  |  lcia-projects, closed 1 year ago, 10 comments
#54  exportForTimesketch.tmpl Not producing the correct CSV Fields  |  mtreanor-r7, closed 1 year ago, 15 comments
#53  Add initial support for Evtxtract logs  |  wagga40, closed 1 year ago, 0 comments
#52  Ingest XML events  |  Blaapje, closed 1 year ago, 8 comments
#51  [FR] The possibility to remove a EVTX or File after analyze  |  V1D1AN, closed 1 year ago, 1 comment
#48  Zircolite v2.9.7 On the fly rules conversion  |  frack113, closed 1 year ago, 2 comments
#47  Terminal Color error  |  frack113, closed 1 year ago, 1 comment
#46  Add timestamp try for rotten evtx files  |  ZikyHD, closed 1 year ago, 0 comments
#45  Add xxhash with events  |  ZikyHD, closed 1 year ago, 0 comments
#42  Zircolite.kape  |  conexioninversa, closed 1 year ago, 1 comment
#41  Create version for all platforms  |  andreisss, closed 1 year ago, 4 comments
#40  When the --evtx input includes quotes Zircolite crashes  |  NofLevi, closed 1 year ago, 2 comments
#38  minor spelling error  |  AndrewRathbun, closed 2 years ago, 1 comment
#37  ensure None values do not crash SQLite regex UDF  |  conitrade-as, closed 2 years ago, 1 comment
#36  isolate individual line parsing errors  |  conitrade-as, closed 2 years ago, 1 comment
#34  Update URL for zircolite_server folder  |  wikijm, closed 2 years ago, 1 comment
#33  Update Advanced.md  |  wikijm, closed 2 years ago, 0 comments