spark
Palantir Distribution of Apache Spark (by palantir)
windows-event-forwarding
A repository for using windows event forwarding for incident detection and response (by palantir)
spark | windows-event-forwarding |
---|---|
1 | 7 |
64 | 1,183 |
- | 0.0% |
0.0 | 0.0 |
8 months ago | about 1 year ago |
Scala | Roff |
Apache License 2.0 | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user-suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
spark
Posts with mentions or reviews of spark.
We have used some of these posts to build our list of alternatives
and similar projects.
windows-event-forwarding
Posts with mentions or reviews of windows-event-forwarding.
We have used some of these posts to build our list of alternatives
and similar projects.
- Windows Event Forwarding - forward subset of events from one collector to another?
- WinCollect to pic up custom event channel | AutorunsToWinEventLog
  Hi All, We have deployed https://github.com/palantir/windows-event-forwarding/tree/master/AutorunsToWinEventLog which creates autoruns entries into a custom event channel named Autoruns. We did filter to pick up this channel but no luck. The filter is like
- How to add a new log under windows logs for different types of forwarded logs in event viewer
  Here is an up to date documentation with an example: https://github.com/palantir/windows-event-forwarding/tree/master/windows-event-channels
- Windows Event Forwarding vs SIEM Access?
  Palantir has an excellent guide on this approach, https://github.com/palantir/windows-event-forwarding, and ArcSight provides some shockingly good information as well https://community.softwaregrp.com/dcvta86296/attachments/dcvta86296/BestPractices/57/1/Micro_Focus_ArcSight_Collecting_Windows_Event_Logs.pdf.
- We are thinking SMB1 disabling but anything breaks authentication or anything else?
  You don't have a SIEM, but Windows has event forwarding built-in. There is a great overview here - https://docs.microsoft.com/en-us/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection. With properly crafted subscriptions, with specific SMB events, you could better understand your environment by looking in just one log. This is another good resource - https://github.com/palantir/windows-event-forwarding.
- GitHub - palantir/windows-event-forwarding: A repository for using windows event forwarding for incident detection and response
What are some alternatives?
When comparing spark and windows-event-forwarding you can also consider the following projects:
- blueprint - A code generation tool for Laravel developers.
- policy-bot - A GitHub App that enforces approval policies on pull requests
- atlasdb - Transactional Distributed Database Layer
- tslint - An extensible linter for the TypeScript language
- @blueprintjs/core - A React-based UI toolkit for the web
- pyspark-style-guide - This is a guide to PySpark code style presenting common situations and the associated best practices based on the most frequent recurring topics across the PySpark repos we've encountered.
- plottable - A library of modular chart components built on D3
- stacktrace - Stack traces for Go errors
- python-language-server - An implementation of the Language Server Protocol for Python