windows-event-forwarding
policy-bot
windows-event-forwarding | policy-bot
---|---
7 | 2
1,183 | 706
0.0% | 0.8%
0.0 | 9.0
about 1 year ago | 4 days ago
Roff | Go
GNU General Public License v3.0 or later | Apache License 2.0
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
windows-event-forwarding
- Windows Event Forwarding - forward subset of events from one collector to another?
-
WinCollect to pick up custom event channel | AutorunsToWinEventLog
Hi All, We have deployed https://github.com/palantir/windows-event-forwarding/tree/master/AutorunsToWinEventLog which creates autoruns entries into a custom event channel named Autoruns. We did filter to pick up this channel but no luck. The filter is like
-
How to add a new log under windows logs for different types of forwarded logs in event viewer
Here is an up to date documentation with an example: https://github.com/palantir/windows-event-forwarding/tree/master/windows-event-channels
-
Windows Event Forwarding vs SIEM Access?
Palantir has an excellent guide on this approach, https://github.com/palantir/windows-event-forwarding, and ArcSight provides some shockingly good information as well https://community.softwaregrp.com/dcvta86296/attachments/dcvta86296/BestPractices/57/1/Micro_Focus_ArcSight_Collecting_Windows_Event_Logs.pdf.
-
We are thinking of disabling SMB1, but will anything break authentication or anything else?
You don't have a SIEM, but Windows has event forwarding built-in. There is a great overview here - https://docs.microsoft.com/en-us/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection. With properly crafted subscriptions, with specific SMB events, you could better understand your environment by looking in just one log. This is another good resource - https://github.com/palantir/windows-event-forwarding.
- GitHub - palantir/windows-event-forwarding: A repository for using windows event forwarding for incident detection and response
policy-bot
-
Multiple approvers for some PR paths?
This looks promising https://github.com/palantir/policy-bot.
-
How to automatically merge Dependabot pull requests with GitHub Actions?
My team has used a combination of bulldozer and policy-bot to do this as well. Though we only target a select set of things to auto-bump.
What are some alternatives?
tslint - 🚦 An extensible linter for the TypeScript language
octostats - 🐙🐱📦 Additional GitHub API methods
pyspark-style-guide - This is a guide to PySpark code style presenting common situations and the associated best practices based on the most frequent recurring topics across the PySpark repos we've encountered.
plottable - 📊 A library of modular chart components built on D3
TrojanSourceFinder - 🔎 Help find Trojan Source vulnerability in code 👀. Useful for code review in project with multiple collaborators (CI/CD)
stacktrace - Stack traces for Go errors
bouncer - An application to cycle (bounce) all nodes in a coordinated fashion in an AWS ASG or set of related ASGs
@blueprintjs/core - A React-based UI toolkit for the web
octotui - 🐙🐱🖥️ GitHub stats in your terminal
spark - Palantir Distribution of Apache Spark
gitpod - The developer platform for on-demand cloud development environments to create software faster and more securely.