Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Windows-event-forwarding Alternatives
Similar projects and alternatives to windows-event-forwarding
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
pyspark-style-guide
This is a guide to PySpark code style presenting common situations and the associated best practices based on the most frequent recurring topics across the PySpark repos we've encountered.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
windows-event-forwarding reviews and mentions
- Windows Event Forwarding - forward subset of events from one collector to another?
-
WinCollect to pic up custom event channel | AutorunsToWinEventLog
Hi All , We have deployed https://github.com/palantir/windows-event-forwarding/tree/master/AutorunsToWinEventLog which create autoruns entries into a custom event channel named Autoruns. We did filter to pic up this channel but no luck. the filter is like
-
How to add a new log under windows logs for different types of forwarded logs in event viewer
Here is an up to date documentation with an example: https://github.com/palantir/windows-event-forwarding/tree/master/windows-event-channels
-
Windows Event Forwarding vs SIEM Access?
Palantir has an excellent guide on this approach, https://github.com/palantir/windows-event-forwarding, and ArcSight provides some shockingly good information as well https://community.softwaregrp.com/dcvta86296/attachments/dcvta86296/BestPractices/57/1/Micro_Focus_ArcSight_Collecting_Windows_Event_Logs.pdf.
-
We are thinking SMB1 disabling but anything breaks authentication or anything else ?
You don't have a SIEM, but Windows has event forwarding built-in. There is a great overview here - https://docs.microsoft.com/en-us/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection. With properly crafted subscriptions, with specific SMB events, you could better understand your environment by looking in just one log. This is another good resource - https://github.com/palantir/windows-event-forwarding.
- GitHub - palantir/windows-event-forwarding: A repository for using windows event forwarding for incident detection and response
-
A note from our sponsor - InfluxDB
www.influxdata.com | 24 Apr 2024
Stats
palantir/windows-event-forwarding is an open source project licensed under GNU General Public License v3.0 or later which is an OSI approved license.
The primary programming language of windows-event-forwarding is Roff.
Popular Comparisons
- windows-event-forwarding VS policy-bot
- windows-event-forwarding VS tslint
- windows-event-forwarding VS pyspark-style-guide
- windows-event-forwarding VS plottable
- windows-event-forwarding VS stacktrace
- windows-event-forwarding VS @blueprintjs/core
- windows-event-forwarding VS spark
- windows-event-forwarding VS atlasdb
- windows-event-forwarding VS python-language-server
Sponsored