Marc Smeets

Results 72 comments of Marc Smeets

Tracked in branch ``bluecheck-update``

Would have my preference to - just as with other C2s that RedELK supports - keep the way of logging part of the codebase of the actual C2 itself and...

Update: the roadmap for the 0.7 release of Covenant now includes extra logging. When that is out, we can start working on the RedELK side.

Sadly only 24h in a day. But this should not be that difficult indeed. What's the quickest way to get a RedWarden installation up?

Still sadly only 24h in a day. We do accept Pull Requests!

Hi, I'm Marc and I am an idiot :) I typed in the wrong C2 name when I said there is basic support of Empire. I meant PoshC2. That having...

I. Anything that helps with setting the default index is much appreciated. II. No have not thought about it but does sound interesting! Would be interested in anything that you...

Err, some numbering went off. VII. yes know about Elastalert. Seems like a lot better approach than our quick n dirty one. Although perhaps not usable in all our cases...

Thanks for the pointer. I'll run some tests and add in next update. If you have any pointers for the other items that's also hugely appreciated!

Thanks for the suggestions @derentis. I will have a look at them and see how easy it is to include.