windows-log-analyzer

A Python tool that parses Windows .evtx event-log files, flattens the records, and runs Sigma rules over them to flag suspicious events.

Installation

To install the tool, follow these steps:

  1. Clone the repository:

     git clone https://github.com/scrymastic/windows-log-analyzer.git

  2. Install the required dependencies:

     pip install -r requirements.txt

Usage

Runtime settings live in config.py; edit that file before starting the tool. Then run:

python main.py
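The core of the workflow described above is: take an EVTX record (which parsers such as python-evtx expose as XML), flatten the System and EventData fields into a dict, and evaluate a Sigma rule's selections and condition against that dict. The following is an added illustration of that pipeline and is not the project's own code; the three Sysmon process-creation records, the rule, and the field names are constructed assumptions, and the condition evaluator deliberately supports only parenthesis-free `and`/`or`/`not` so the logic stays short.

```python
"""Sigma-style matching over EVTX records (added example, not the project's own code).
Rule, field names and sample events are constructed assumptions for illustration."""
import fnmatch
import re
import xml.etree.ElementTree as ET

NS = "{http://schemas.microsoft.com/win/2004/08/events/event}"

def make_record(image, cmdline, parent):
    """Build a constructed Sysmon Event ID 1 (process creation) record as EVTX XML."""
    return (f'<Event xmlns="{NS[1:-1]}"><System>'
            '<Provider Name="Microsoft-Windows-Sysmon"/><EventID>1</EventID>'
            '<Channel>Microsoft-Windows-Sysmon/Operational</Channel></System>'
            f'<EventData><Data Name="Image">{image}</Data>'
            f'<Data Name="CommandLine">{cmdline}</Data>'
            f'<Data Name="ParentImage">{parent}</Data></EventData></Event>')

# Constructed sample: record 0 should fire, 1 is removed by the filter, 2 misses the selection.
SAMPLE_RECORDS = [
    make_record(r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                "powershell.exe -nop -w hidden -enc SQBFAFgA",
                r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"),
    make_record(r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                "powershell.exe -w hidden -enc SQBFAFgA", r"C:\Windows\explorer.exe"),
    make_record(r"C:\Windows\System32\cmd.exe", "cmd.exe /c whoami", r"C:\Windows\explorer.exe"),
]

# Hand-written rule in Sigma's detection layout (an assumption, not a SigmaHQ rule).
RULE = {
    "title": "Office application spawning hidden encoded PowerShell",
    "detection": {
        "selection": {
            "EventID": 1,
            "Image|endswith": "\\powershell.exe",
            "CommandLine|contains|all": ["-enc", "-w hidden"],
        },
        "filter": {"ParentImage|endswith": "\\explorer.exe"},
        "condition": "selection and not filter",
    },
}

def flatten_event(xml_text):
    """Flatten one EVTX record: System children keyed by tag, EventData by its Name attribute."""
    root = ET.fromstring(xml_text)
    fields = {}
    for el in root.find(NS + "System"):
        tag = el.tag.replace(NS, "")
        if el.text and el.text.strip():
            fields[tag] = el.text.strip()
        for attr, val in el.attrib.items():        # e.g. Provider Name -> Provider_Name
            fields[f"{tag}_{attr}"] = val
    data = root.find(NS + "EventData")
    for d in ([] if data is None else data.findall(NS + "Data")):
        fields[d.get("Name", "")] = d.text or ""
    return fields

def _match_value(actual, pattern, modifiers):
    """Apply one Sigma value modifier; plain values are case-insensitive * and ? wildcards."""
    if "re" in modifiers:
        return re.search(str(pattern), str(actual)) is not None
    actual, pattern = str(actual).lower(), str(pattern).lower()
    if "contains" in modifiers:
        return pattern in actual
    if "startswith" in modifiers:
        return actual.startswith(pattern)
    if "endswith" in modifiers:
        return actual.endswith(pattern)
    return fnmatch.fnmatchcase(actual, pattern)

def _match_selection(event, selection):
    """Every field in a selection map must hold (AND); list values are OR-ed unless |all."""
    for spec, expected in selection.items():
        field, *modifiers = spec.split("|")
        if field not in event:
            return False
        values = expected if isinstance(expected, list) else [expected]
        hits = [_match_value(event[field], v, modifiers) for v in values]
        if not (all(hits) if "all" in modifiers else any(hits)):
            return False
    return True

def _eval_condition(condition, results):
    """Parenthesis-free Sigma condition: 'not' binds tightest, then 'and', then 'or'."""
    def term(t):
        return not results[t[4:]] if t.startswith("not ") else results[t]
    return any(all(term(t.strip()) for t in clause.split(" and "))
               for clause in condition.split(" or "))

def match_rule(rule, event):
    """True when the rule's condition holds for one flattened event."""
    det = rule["detection"]
    results = {name: _match_selection(event, sel)
               for name, sel in det.items() if name != "condition"}
    return _eval_condition(det["condition"], results)

def scan(records, rule):
    """Return the indices of the records the rule fires on."""
    return [i for i, xml_text in enumerate(records)
            if match_rule(rule, flatten_event(xml_text))]

if __name__ == "__main__":
    for i in scan(SAMPLE_RECORDS, RULE):
        ev = flatten_event(SAMPLE_RECORDS[i])
        print(f"[{RULE['title']}] record {i}: {ev['ParentImage']} -> {ev['CommandLine']}")
```

Two details matter when you move from this sketch to real rules: string matching in Sigma is case-insensitive, so both sides are lower-cased before comparison (except for the `re` modifier, which is passed through as written), and a missing field makes the selection fail rather than raise, which is what keeps a filter from accidentally matching events that lack the field it tests.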

Contributing

Contributions are welcome. Feel free to open an issue or submit a pull request.

Acknowledgements

Parts of this project use resources from other open source repositories.

The following is a list of these projects:

  • sigma: a repository of Sigma rules for detecting suspicious events.

  • EVTX-ATTACK-SAMPLES: a repository of evtx files collected from various attack scenarios.
