Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
Updated Nov 21, 2024 - PowerShell
An implementation of a Windows Event Collector server running on GNU/Linux.
An open-source log collector for collecting logs from Windows Event Forwarding
Splunk App that provides some dashboards for Windows WEC telemetry data retrieved using the Windows WEC Add-On
Splunk Add-on to import Windows WEC subscription information
Ansible role for deploying WEFC subscriptions.
Setup guide for the central log server Graylog (dockerized)
Scripts to automate the setup and configuration of Windows Event Collector.
Automated system for collecting Windows audit logs, with immutable storage and an interactive dashboard for real-time analysis.
Winlogbeat installation for Windows Event Collectors (WEFCs)