CMD window(s) popping up at logon and instantly disappearing before I get a clue what it's about
1 project | reddit.com/r/sysadmin | 11 Dec 2021
Sysmon and https://github.com/SwiftOnSecurity/sysmon-config
How do you get logs in event viewer whenever a file is copied or created?
1 project | reddit.com/r/sysadmin | 8 Dec 2021
Have a look at sysinternals SysMon and optionally use it with https://github.com/SwiftOnSecurity/sysmon-config/
This Visual Studio Code extension is for helping in the writing of Sysmon XML configuration files - now supports Sysmon for Linux schema
3 projects | reddit.com/r/blueteamsec | 17 Oct 2021
SwiftOnSecurity's config is well commented, going through it may help. There's also sysmon-modular which seems similar.
Sysmon for Linux 1.0.0 Released
3 projects | news.ycombinator.com | 15 Oct 2021
Software or Service that helps you manage your network that you couldn't live without?
1 project | reddit.com/r/k12sysadmin | 12 Oct 2021
Netbox, ElastiFlow, PRTG, Graylog, Windows Event Forwarding, Grafana, sysmon using: https://github.com/SwiftOnSecurity/sysmon-config
How to find out where traffic is originating on your pc?
1 project | reddit.com/r/networking | 7 Oct 2021
US Navy's six-step troubleshooting method
1 project | reddit.com/r/sysadmin | 21 Aug 2021
There are things we centralize. I.e. send to a central server. We use resources like: https://github.com/SwiftOnSecurity/sysmon-config
2 projects | reddit.com/r/elasticsearch | 6 Apr 2021
You will likely need to tune event logs. Install sysmon (https://github.com/SwiftOnSecurity/sysmon-config) and tune up your Windows servers. Else you will be pulling in lots of garbage, which will cost you upstream.
Help required in order to investigate
2 projects | reddit.com/r/computerforensics | 24 Feb 2021
In the future, capture memory first. Everything else won't just disappear, memory is gone once you shut the machine down though. Also, look at increasing the logging on your systems. Use sysmon / https://github.com/SwiftOnSecurity/sysmon-config, enable firewall logging, enable command line logging, etc. I'll try to do a post on baseline logging, keep an eye on nullsec.us for the next article.
Looking for good Splunk universal forwarder defaults..?
1 project | reddit.com/r/blueteamsec | 23 Jan 2021
What are some alternatives?
sigma - Generic Signature Format for SIEM Systems
SysmonTools - Utilities for Sysmon
ansible-role-elasticsearch - Ansible Role - Elasticsearch
vscode-sysmon - Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.
EventFinder2 - Finds event logs between two time points. Useful for helpdesk/support/malware analysis.
Event-Forwarding-Guidance - Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
SysmonConfigPusher - Pushes Sysmon Configs
sysmon-modular - A repository of sysmon configuration modules
graylog-fortigate-cef - A Graylog content pack containing a stream and dashboards for Fortinet Fortigate CEF logs