whids issues

Alerts/events not being log

10

Version: 1.8.0-beta.7 OS: Windows 10 19044 (VM) I am having issues with this version that no log is being generated for events. I did have events/alerts logged and dumps worked...

xoverride

critical

Bug in service name resolution

When there is a PID re-use it may happen that service name is wrong. This bug only occurs when events are queued too long by ETW, for instance when the...

qjerome

bug

optimize tests for more speed

enable the maximum of tests to be run in parallel to gain speed

qjerome

Improve testing of hids package

This package is pretty complicated to test because it can be ran only on Windows. Find a way to test it properly.

qjerome

Review event hooks and default field values

Use SetIfMissing on relevant event fields

qjerome

review endpoint configuration and remove deprecated settings

qjerome

Add /endpoints/commands/help

Serve the list of supported EDR commands

qjerome

Add information to system information

1

Ideas: - boot time - event count - last event scanned

qjerome

API not authorized

3

Hi and congratulations for this great tool @qjerome ! My question may seem silly because I'm fairly new to APIs, and the solution is probably a little detail, but I've...

Kaputt4

Endpoint configuration endpoint

Provide an API endpoint to configure endpoints

qjerome

whids
whids copied to clipboard

Metadata

Alerts/events not being log

Bug in service name resolution

optimize tests for more speed

Improve testing of hids package

Review event hooks and default field values

review endpoint configuration and remove deprecated settings

Add /endpoints/commands/help

Add information to system information

API not authorized

Endpoint configuration endpoint

← Metadata

Owner

Metadata

whids whids copied to clipboard

Metadata

← Metadata

Owner

Metadata

whids
whids copied to clipboard