TA_ETW
Splunk Technology Add-On (TA) for collecting ETW events from Windows systems
Bumps [Newtonsoft.Json](https://github.com/JamesNK/Newtonsoft.Json) from 12.0.2 to 13.0.2. Release notes Sourced from Newtonsoft.Json's releases. 13.0.2 New feature - Add support for DateOnly and TimeOnly New feature - Add UnixDateTimeConverter.AllowPreEpoch property New feature...
Hello, We have installed the app and configured config.yaml to gather a couple of events. From some time we can see that l the logs with EventID 1 are being...
Hello, how can we verify what event caused below exception? 02-13-2021 15:09:54.642 -0600 FATAL ExecProcessor - message from ""C:\Program Files\SplunkUniversalForwarder\etc\apps\blablabin\TA_ETW.exe"" Exception during streaming: name=TA_ETW://TA_ETW_DNS | System.FormatException: Input string was not...
Hello, we have installed the app on a few of our DCs and we were able to start pulling the logs on some of them. Unfortunately on about ~50% of...
Hello, when I change the index in the config yaml or in the inputs.conf, I stop receiving events in Splunk. The index is correctly created in Splunk. I only get...