SysmonSearch
Investigate suspicious activity by visualizing Sysmon's event log
Bumps [lxml](https://github.com/lxml/lxml) from 4.4.1 to 4.9.1. Changelog Sourced from lxml's changelog. 4.9.1 (2022-07-01) Bugs fixed A crash was resolved when using iterwalk() (or canonicalize()) after parsing certain incorrect input. Note...
Bumps [lxml](https://github.com/lxml/lxml) from 4.4.2 to 4.9.1. Changelog Sourced from lxml's changelog. 4.9.1 (2022-07-01) Bugs fixed A crash was resolved when using iterwalk() (or canonicalize()) after parsing certain incorrect input. Note...
It seems the application doesn't work anymore in recent versions of Kibana. Did someone figure out already how to resolve this?
I installed the SysmonSearch plugin in an ubuntu18.04LTS/elasticsearch7.5.2/kibana7.5.2 environment, but logs are only displayed in SysmonSearch's [EventList]; [Alert], [Search] and [Statistics] cannot be used. I have confirmed that the logs are reaching elasticsearch. Has anyone else run into the same issue? The client side is winlogbeat7.5.2. Incidentally, logs from winlogbeat6.6.2 are not displayed even in [EventList]. Can logs from the winlogbeat 6.x series not be displayed?
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.6 to 1.26.5. Release notes Sourced from urllib3's releases. 1.26.5 :warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap Fixed...
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.7 to 1.26.5. Release notes Sourced from urllib3's releases. 1.26.5 :warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap Fixed...
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.2 to 5.4. Changelog Sourced from pyyaml's changelog. 5.4 (2021-01-19) yaml/pyyaml#407 -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA yaml/pyyaml#472 -- Fix for...
Greetings I am using 7.9.2 Elastic/Kibana and since Elastic 7.6 several changes have broken Sysmon Search, I have a critical need to use your awesome plugin and am wondering if...
Hello, if I want to test SysmonSearch with Nxlog and Logstash, must I replace my winlogbeat.yml for sigma with my nxlog.yml and change "collection_alert_data.py" and "collection_statistical_data.py"? Congratulations...
Hello, Kibana fails to start with plugin installed. Kibana 7.6.0, I'm utilizing existing build of ELK Thx