ceramicskate0/SWELF

Issues

• SPLUNK .Net SDKs now out

  #142 opened a year ago by ceramic-skate0
  0

• Add macros to find in Searchs.txt to Log Sources

  #130 opened 3 years ago by ceramicskate0
  0

• Add new sysmon event ID's from 2018 to today

  #141 opened 3 years ago by ceramicskate0
  0

• .cpl

  #140 opened 3 years ago by ceramic-skate0
  0

• Add to searchs.txt for cmdline

  #138 opened 4 years ago by ceramic-skate0
  1

• Add to search,txt

  #137 opened 4 years ago by ceramic-skate0
  1

• SWELF may have searching issues in Search.cs (v0.6.1.0)

  #136 opened 4 years ago by ceramicskate0
  0

• Update SWELF_SPLUNK_DASHBOARD.xml

  #135 opened 4 years ago by ceramicskate0
  1

• SWELF will log the full URL to the error log of application when it is unable to access it

  #117 opened 4 years ago by ceramicskate0
  0

• SWELF CPU usage to High in 0.5.0.3

  #99 opened 4 years ago by ceramicskate0
  1

• Not all Errors being recorded

  #134 opened 4 years ago by ceramicskate0
  0

• MultiSearch Feature not logging to event log as multisearh

  #126 opened 4 years ago by ceramicskate0
  1

• SWELF 0.6.1.0 Crash under certain conditions for SEND_Errors_To_Central_Location()

  #133 opened 4 years ago by ceramicskate0
  0

• Send Logs in JSON Format

  #132 opened 4 years ago by ceramicskate0
  0

• Add feature for tcp TLS connection

  #106 opened 4 years ago by ceramicskate0
  0

• When SWELF reads in EventLogs it stores compmressed but also in cleartext

  #101 opened 5 years ago by ceramicskate0
  0

• Error log default output has typo

  #125 opened 4 years ago by ceramicskate0
  0

• Add App_Config option to parse out sysmon

  #131 opened 4 years ago by ceramicskate0
  0

• INCORRECT ERROR everyrun Severity=critical MethodInCode=SEC_Check_Failed() Message=SEC_Check Fail the reg hostname != to the config hostname for log_collector1. Possible SWELF config integrity issue.

  #105 opened 4 years ago by ceramicskate0
  1

• ips.txt and hash.txt file name is backwards

  #110 opened 4 years ago by ceramicskate0
  0

• Reg keys still contain SWELF in name vice what ever app was renamed to

  #112 opened 4 years ago by ceramicskate0
  0

• Newest SWELF Version cuts off some eventdata in logs

  #118 opened 4 years ago by ceramicskate0
  0

• File and Directory to monitor default settings cause crash

  #124 opened 4 years ago by ceramicskate0
  1

• Add sysmon integ check feature addition

  #114 opened 4 years ago by ceramicskate0
  3

• Complete TODO in app comments and remove comemnts

  #128 opened 4 years ago by ceramicskate0
  0

• 0.5.0.4 sensitve files not always encrypting after 2nd run

  #111 opened 4 years ago by ceramicskate0
  0

• Send Logs over tcp SSL/TLS

  #129 opened 4 years ago by ceramicskate0
  3

• Lock down install dir for SWELF

  #109 opened 5 years ago by ceramicskate0
  5

• After Code refactor UPDATE DOCS

  #127 opened 4 years ago by ceramicskate0
  0

• Look at redoing multisearch feature to use regex vice loop

  #113 opened 4 years ago by ceramicskate0
  1

• Add msbuild IOC to searchs.txt

  #122 opened 4 years ago by ceramicskate0
  1

• ADD to template

  #108 opened 4 years ago by ceramicskate0
  1

• add Software\Classes\AppX82a6gwre4fdg3bt635tn5ctqjf8msdd2\Shell\open\command

  #115 opened 4 years ago by ceramicskate0
  1

• add eventid 1042

  #119 opened 4 years ago by ceramicskate0
  1

• Add DelegateExecute reg value for UAC bypasses

  #121 opened 4 years ago by ceramicskate0
  1

• Add forfiles.exe

  #123 opened 4 years ago by ceramicskate0
  1

• add C:\Windows\System32\wsreset.exe

  #116 opened 4 years ago by ceramicskate0
  1

• Explore the Idea of Search_Rule Comments in Log_of_interest output

  #98 opened 5 years ago by ceramicskate0
  0

• Add MSSQL log event ID's

  #120 opened 5 years ago by ceramicskate0
  0

• Default files created during install appear to have _ in them and some dont.

  #102 opened 5 years ago by ceramicskate0
  0

• SWELF 1st run takes 5 runs to setup

  #100 opened 5 years ago by ceramicskate0
  2

• Current version in test has issue with wrong search term in eventlog on system

  #104 opened 5 years ago by ceramicskate0
  3

• SWELF Keep track of failed connection attempts by Date

  #89 opened 5 years ago by ceramicskate0
  0

• Send Logs of all Network Connections Excerpt Browsers Search

  #91 opened 5 years ago by ceramicskate0
  0

• Redo the "not_in_log" search logic

  #93 opened 5 years ago by ceramicskate0
  0

• Fresh install not working

  #95 opened 5 years ago by ceramicskate0
  1

• Add reg key for wdigest

  #96 opened 5 years ago by ceramicskate0
  1

• SWELF 0.5.0.0 re reading old logs every run.

  #94 opened 5 years ago by ceramicskate0
  1

• Search_Command that will search only network connections for hits on IP or part of/whole match of Domain/TLD

  #90 opened 5 years ago by ceramicskate0
  1

• event Log for SWELF Alerts/issues/and bugs on machine

  #92 opened 5 years ago by ceramicskate0
  0