palantir/windows-event-forwarding
A repository for using windows event forwarding for incident detection and response
Roff · NOASSERTION
Issues
wecutil ss error x057
#26 opened by adrwh - 3
wecsvc stops working after a while
#35 opened by bluedefxx - 0
Event Providers and Channels - DB Audit Events
#50 opened by Greyland99 - 1
Push for performance improvement
#39 opened by mdecrevoisier - 0
EventID 4648 not included
#36 opened by patrickg2525 - 3
Collector Server
#38 opened by coleJ98 - 4
Server 2016 collector woe
#25 opened by mineral4x - 2
character encoding problems with some files
#24 opened by patrickg2525 - 2
Wrapping of Image_Path and Hashes
#15 opened by spaz1729 - 2
Add subscriptions for ADFS
#1 opened by cryps1s - 1
Add subscriptions for Duo
#2 opened by cryps1s - 2
Add subscriptions for Device Guard
#3 opened by cryps1s - 1
Add subscriptions for office alerts.
#5 opened by cryps1s - 2
Add WEF subscription for TPM-WMI
#6 opened by cryps1s - 2
Add WEF Subscriptions for Exploit Guard
#8 opened by cryps1s - 1
Add sysmon subscriptions and event channel
#4 opened by cryps1s - 1
Add WEF Subscriptions for Exploit Guard ASR
#7 opened by cryps1s