Skip to content

Releases: ceramicskate0/SWELF

0.6.1.0

06 Apr 05:06
@ceramicskate0 ceramicskate0
0.6.1.0
8991e86
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.6.1.0 Latest
Latest

Fixed:
#125
#131
#105
#110
#131
#112
#124
#114
#128
#111

Assets 3
Loading

v0.6.0.0

14 Mar 21:10
@ceramicskate0 ceramicskate0
0.6.0.0
1afb4d9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.6.0.0 Pre-release
Pre-release

Testing version of new approach to app

Assets 3
Loading

0.5.0.4

27 Jul 22:01
@ceramicskate0 ceramicskate0
0.5.0.4
67b7a4d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.5.0.4 Pre-release
Pre-release

Latest Stable Pre-Release

Bug Fixes:
#100
#102
#99
#78
#104

Assets 2
Loading

v0.4.3.1

29 Nov 06:45
@ceramicskate0 ceramicskate0
v0.4.3.1
b9846ad
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.4.3.1 Pre-release
Pre-release

Bug Fixes:
-Fixed issue 85, 86

New Stuff:
-Added issue 82 (CMDLine Args to keyvalue outputs) (Sysmon and PS logs only for now)
-Added Service checks from issue 83 (docs on wiki)

Assets 3
Loading

0.4.3.0

21 Nov 08:33
@ceramicskate0 ceramicskate0
0.4.3.0
86b7092
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.4.3.0 Pre-release
Pre-release

Fixed
-bugs with sending output to SIEM

  • minor bug and formatting issue fixes

-Added
-tcp tranmission (issue 80)

  • option to delete local log files after read and sent to SIEM

notes:
#transport_protocol=tcp OR udp (to be released in 0.4.3.0)(if not defined udp is default)
#delete_local_log_files_when_done={anything} (to be released in 0.4.3.0)(if not defined do nothing is default, if defined with anything it will remove)

Assets 3
Loading

0.4.2.2

18 Nov 04:28
@ceramicskate0 ceramicskate0
0.4.2.2
23ea9dc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.4.2.2 Pre-release
Pre-release

Fixed:

  • Bug with commandline method when using evtx log read.
Assets 3
Loading

0.4.2.1

08 Nov 06:28
@ceramicskate0 ceramicskate0
0.4.2.1
c3913cb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.4.2.1 Pre-release
Pre-release
  • able to pull central config from github web page
  • started moving settings to reg. (as backup)
  • Added ability to change SWELF's name to anything to help hide from fingerprinting by adversaries
Assets 3
Loading

0.4.2.0

01 Nov 08:29
@ceramicskate0 ceramicskate0
0.4.2.0
bfb1913
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.4.2.0 Pre-release
Pre-release

Release Notes:

  • Added appconfig command "debug" to output all eventlog data to eventdata field of event log and forces verbose logging.
  • Added tagging to the event data field to tag each eventlog with the search that was used to find it.
  • Began work to multithread application (issue 73). Threading works for Powershell plugins,local log reads, and initial work done for searchs but has issues with stability and is hard set to single thread.
  • Added user level file lock to sensitive config file (that will not work or log if not supported native by OS)(future release to resolve non support)(issue 21).
  • Added errorlog file size auto management
  • Added SWELF Eventlog ID standardization
  • Resolved issue 49
  • SWELF Icon redesign
    -Deprecated method removal and code cleanup.
  • Minor algo and functional Bug fixes and resource optimization (to numerous to list).

Search Commands Supported at this release are:
"count:", "eventdata_length:", "commandline_length:", "commandline_contains:", "commandline_count:", "regex:", "log_level:", "not_in_log:","search_multiple:" , "network_connect:"

//SWELF EVENT LOG ERRORS LIST
SWELF_Information = 996;
SWELF_SuccessAudit = 995;
SWELF_Error = 998;
SWELF_FailureAudit = 999;
SWELF_WARNING = 997;

Assets 3
Loading

0.4.1.2

18 Sep 22:15
@ceramicskate0 ceramicskate0
0.4.1.2
35edf52
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.4.1.2 Pre-release
Pre-release

Bug fixes:

  • issues 67 (Again)
  • SWELF 0.4.1.1 not returning findings
Assets 3
Loading

0.4.1.1

18 Sep 01:39
@ceramicskate0 ceramicskate0
0.4.1.1
2c1e3f8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
0.4.1.1 Pre-release
Pre-release

Added increased error logging

Assets 2
Loading