Update README.md
sch3m4 authored Apr 17, 2017
1 parent 19cc1f0 commit 4f85015
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions README.md
Expand Up @@ -2,7 +2,7 @@

This tool automates the process of creating logon relations from MS Windows Security Events by showing a graphical realtion among users domains, source and destination logons as well as session duration.

![](https://raw.githubusercontent.com/sch3m4/userline/master/img/graph.png)
![](https://raw.githubusercontent.com/thiber-org/userline/master/img/graph.png)

It has three output modes:
1. Standard output
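Review bot: The image link on the changed line is still an absolute raw.githubusercontent.com URL that embeds the owner name and the master branch, which is why moving the repository required this edit at all. A repository-relative path such as `img/graph.png` would survive another rename or transfer and would not depend on who controls the old account name. The unchanged context line above it also reads "graphical realtion among users domains"; "realtion" could be corrected to "relation" while the file is being touched.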
Expand All @@ -20,7 +20,7 @@ It has three output modes:

Author: Chema Garcia (aka sch3m4)
@sch3m4
https://github.com/sch3m4/userline
https://github.com/thiber-org/userline

usage: userline.py [-h] [-H ESHOSTS] [-S POOL_SIZE] -i INDEX
(-L | -E | -l | -w DATE) [-c PATH] [-n BOLT] [-f] [-s]
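Review bot: The banner URL in this sample output, and in the later sample outputs edited the same way, now reads https://github.com/thiber-org/userline, but the commit changes only README.md. It is worth confirming that the banner printed by userline.py was updated too, otherwise the documented output no longer matches what the tool prints. The "@sch3m4" line is left unchanged, which looks intentional as the author handle.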
Expand Down Expand Up @@ -106,7 +106,7 @@ Getting the last shutdown event:

Author: Chema Garcia (aka sch3m4)
@sch3m4
https://github.com/sch3m4/userline
https://github.com/thiber-org/userline

INFO - Last shutdown:
INFO - - Datetime: 2016-07-12 18:56:33+00:00
Expand All @@ -124,7 +124,7 @@ Getting the last event:

Author: Chema Garcia (aka sch3m4)
@sch3m4
https://github.com/sch3m4/userline
https://github.com/thiber-org/userline

INFO - Last event:

Expand Down Expand Up @@ -157,7 +157,7 @@ Getting logon relations between two dates into a CSV file:

Author: Chema Garcia (aka sch3m4)
@sch3m4
https://github.com/sch3m4/userline
https://github.com/thiber-org/userline

INFO - Building query
INFO - Processing events
Expand All @@ -176,15 +176,15 @@ Getting logon relations into Neo4J graph:

Author: Chema Garcia (aka sch3m4)
@sch3m4
https://github.com/sch3m4/userline
https://github.com/thiber-org/userline

INFO - Building query
INFO - Processing events
[====================] 100.0% Elapsed: 0m 02s ETA: 0m00s
INFO - 44 Logons processed in 0:00:02.051880

Query the results using Neo4J CQL
![](https://raw.githubusercontent.com/sch3m4/userline/master/img/result.png)
![](https://raw.githubusercontent.com/thiber-org/userline/master/img/result.png)


## Querying Neo4J data
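Review bot: The result.png image on the last changed line has empty alt text (`![]`), so the "Query the results using Neo4J CQL" step shows nothing if the image fails to load, for instance after another change of owner. Add a short description of what the graph shows in the square brackets.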