windows-event-forwarding
A repository for using windows event forwarding for incident detection and response (by palantir)
spark
Palantir Distribution of Apache Spark (by palantir)
| | windows-event-forwarding | spark |
|---|---|---|
| Mentions | 7 | 1 |
| Stars | 1,183 | 64 |
| Growth | 0.0% | - |
| Activity | 0.0 | 0.0 |
| Latest commit | about 1 year ago | 8 months ago |
| Language | Roff | Scala |
| License | GNU General Public License v3.0 or later | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user-suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
windows-event-forwarding
Posts with mentions or reviews of windows-event-forwarding. We have used some of these posts to build our list of alternatives and similar projects.
- Windows Event Forwarding - forward subset of events from one collector to another?
- WinCollect to pick up custom event channel | AutorunsToWinEventLog
  Hi All, We have deployed https://github.com/palantir/windows-event-forwarding/tree/master/AutorunsToWinEventLog which creates autoruns entries into a custom event channel named Autoruns. We did filter to pick up this channel but no luck. The filter is like
- How to add a new log under windows logs for different types of forwarded logs in event viewer
  Here is an up-to-date documentation with an example: https://github.com/palantir/windows-event-forwarding/tree/master/windows-event-channels
- Windows Event Forwarding vs SIEM Access?
  Palantir has an excellent guide on this approach, https://github.com/palantir/windows-event-forwarding, and ArcSight provides some shockingly good information as well: https://community.softwaregrp.com/dcvta86296/attachments/dcvta86296/BestPractices/57/1/Micro_Focus_ArcSight_Collecting_Windows_Event_Logs.pdf.
- We are thinking of disabling SMB1, but will anything break authentication or anything else?
  You don't have a SIEM, but Windows has event forwarding built-in. There is a great overview here: https://docs.microsoft.com/en-us/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection. With properly crafted subscriptions, with specific SMB events, you could better understand your environment by looking in just one log. This is another good resource: https://github.com/palantir/windows-event-forwarding.
- GitHub - palantir/windows-event-forwarding: A repository for using windows event forwarding for incident detection and response
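Two of the posts above describe the same technique from different ends: collecting a narrow set of SMB events into one log on the collector before touching SMB1, and getting a custom channel (the Autoruns channel that AutorunsToWinEventLog writes to) picked up by a subscription. The following is an added example that ties the two together; it is not code from palantir/windows-event-forwarding or from either poster. It assumes that Event ID 3000 in the Microsoft-Windows-SMBServer/Audit channel is the SMB1 access audit event emitted once Set-SmbServerConfiguration -AuditSmb1Access is enabled and that its rendered message contains a "Client Address:" line, that the custom channel is named Autoruns as the post states, and that the collector has already been prepared with wecutil qc and the sources pointed at it through the SubscriptionManager group policy. The subscription name and the ForwardedEvents target log are arbitrary choices for this example.

```powershell
# Added example (not code from palantir/windows-event-forwarding): a source-
# initiated WEF subscription that pulls two narrow event sets into one log on
# the collector, then a report of which clients are still speaking SMB1.
#
# Assumptions (see lead-in): Event ID 3000 in Microsoft-Windows-SMBServer/Audit
# is the SMB1 access audit event; its message carries a 'Client Address:' line;
# 'Autoruns' is the custom channel name; 'SMB1-And-Autoruns' and the
# ForwardedEvents target are arbitrary choices for this example.

#Requires -RunAsAdministrator

# --- On each source computer: audit SMB1 use without removing SMB1 yet ---
# Set-SmbServerConfiguration -AuditSmb1Access $true -Force

# --- On the collector: define and create the subscription ---
$subscriptionXml = @'
<Subscription xmlns="http://schemas.microsoft.com/2006/03/windows/events/subscription">
  <SubscriptionId>SMB1-And-Autoruns</SubscriptionId>
  <SubscriptionType>SourceInitiated</SubscriptionType>
  <Description>SMB1 access audit events plus the Autoruns custom channel (example)</Description>
  <Enabled>true</Enabled>
  <Uri>http://schemas.microsoft.com/wbem/wsman/1/windows/EventLog</Uri>
  <ConfigurationMode>Custom</ConfigurationMode>
  <Delivery Mode="Push">
    <Batching>
      <MaxItems>1</MaxItems>
      <MaxLatencyTime>30000</MaxLatencyTime>
    </Batching>
    <PushSettings>
      <Heartbeat Interval="3600000"/>
    </PushSettings>
  </Delivery>
  <Query><![CDATA[
<QueryList>
  <Query Id="0" Path="Microsoft-Windows-SMBServer/Audit">
    <Select Path="Microsoft-Windows-SMBServer/Audit">*[System[(EventID=3000)]]</Select>
  </Query>
  <Query Id="1" Path="Autoruns">
    <Select Path="Autoruns">*</Select>
  </Query>
</QueryList>
]]></Query>
  <ReadExistingEvents>true</ReadExistingEvents>
  <TransportName>HTTP</TransportName>
  <ContentFormat>RenderedText</ContentFormat>
  <Locale Language="en-US"/>
  <LogFile>ForwardedEvents</LogFile>
  <AllowedSourceNonDomainComputers/>
  <AllowedSourceDomainComputers>O:NSG:NSD:(A;;GA;;;DC)(A;;GA;;;DD)</AllowedSourceDomainComputers>
</Subscription>
'@

$path = Join-Path $env:TEMP 'smb1-autoruns-subscription.xml'
Set-Content -Path $path -Value $subscriptionXml -Encoding UTF8
wecutil cs $path                 # create the subscription from the XML file
wecutil gr SMB1-And-Autoruns     # runtime status: which sources have checked in

# --- On the collector: which clients still use SMB1, and against which server? ---
$smb1 = Get-WinEvent -FilterHashtable @{
    LogName      = 'ForwardedEvents'
    ProviderName = 'Microsoft-Windows-SMBServer'
    Id           = 3000
} -ErrorAction SilentlyContinue

$smb1 |
  ForEach-Object {
    # Assumed message layout: the rendered 3000 event names the peer on a
    # 'Client Address:' line. MachineName is the forwarding server.
    $client = if ($_.Message -match 'Client Address:\s*(\S+)') { $Matches[1] } else { 'unknown' }
    [pscustomobject]@{ Server = $_.MachineName; Client = $client }
  } |
  Group-Object Server, Client |
  Sort-Object Count -Descending |
  Select-Object Count,
    @{ n = 'Server'; e = { $_.Values[0] } },
    @{ n = 'Client'; e = { $_.Values[1] } }
```

Run the Set-SmbServerConfiguration line on each source and the rest on the collector. Two checks worth doing before trusting an empty report: wecutil gr must list the expected sources as active (a source that never checks in produces no events, which looks the same as no SMB1 traffic), and the source's NETWORK SERVICE account must be able to read the Autoruns channel, or the Autoruns query silently returns nothing while the SMB query works.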
spark
Posts with mentions or reviews of spark. We have used some of these posts to build our list of alternatives and similar projects.
What are some alternatives?
When comparing windows-event-forwarding and spark, you can also consider the following projects:
policy-bot - A GitHub App that enforces approval policies on pull requests
blueprint - A code generation tool for Laravel developers.
tslint - :vertical_traffic_light: An extensible linter for the TypeScript language
atlasdb - Transactional Distributed Database Layer
pyspark-style-guide - This is a guide to PySpark code style presenting common situations and the associated best practices based on the most frequent recurring topics across the PySpark repos we've encountered.
@blueprintjs/core - A React-based UI toolkit for the web
plottable - :bar_chart: A library of modular chart components built on D3
stacktrace - Stack traces for Go errors
python-language-server - An implementation of the Language Server Protocol for Python