EvlWatcher
EvlWatcher copied to clipboard
a "fail2ban" style modular log file analyzer for windows
When the ban-list surpasses 10'000 entries it stops working, eats lots of CPU and throws following error `[Error]: The array bounds are invalid. (Exception from HRESULT: 0x800706C6) ` additionally it...
I must admit I have been looking for something to do this for a Win 2008 R2 server to remove the tedium of adding IPs to a firewall blacklist. But...
Please find event log for sql server logon attempts. It's in "Windows Logs"/Applications in EventViewer: - 18456 0 4 0x90000000000000 6145709 Application ... - sa Reason: Password did not match...
It would be *really* neat if it could interface with an external API to add/remove firewall rules (for example OPNSense/pfSense using their API's to add rules to the gateway firewall...
Would it be possible to add other log sources (as in not the Windows event log)? Many third party programs do not write to the windows event log, but have...
Seeing `Collection was modified; enumeration operation may not execute.` in the live output, what does this mean?
Future plan: Auto-update the software or an option to check the update available, click to download and install or something similar for a better user experience.
### Part 1 Feature request: Global config file settings for: - LockTime - EventAge - TriggerCount - PermaBanCount Then for each type of event (RDP, SSH, FTP etc...) the same...
https://www.ipdeny.com/ipblocks/ If you could have a selection list to import these IP zones that would be amazing.
I noticed a lot of bans on individual ip address coming from a /24 subnet. I would like to be able to enter a wildcard ban on a subnet to...