Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

normalize winlogbeats with fluent bit winlog/winevtlog #356

Closed
mmguero opened this issue Nov 4, 2024 · 0 comments
Closed

normalize winlogbeats with fluent bit winlog/winevtlog #356

mmguero opened this issue Nov 4, 2024 · 0 comments
Assignees
@mmguero
Labels
enhancement New feature or request external Depends on a bug or feature external to this project host logs Related to Malcolm's processing of host logs forwarded from external forwearders
Milestone
v25.01.0

Comments

@mmguero
Copy link
Collaborator

mmguero commented Nov 4, 2024

@mmguero cloned issue idaholab/Malcolm#604 on 2024-10-29:

The documentation describes setting up Beats to forward to Malcolm.

We need to do the following:

  • verify the documentation that it's (still?) correct and accurate

  • For winlogbeat specifically, we should look into normalizing its output so that the windows even logs from fluent bit's winlog and winevtlog, the EVTX files uploaded and parsed and what winlogbeats puts out so it's all apples and apples as much as possible (and the dashboards work pretty much the same for all three).
@mmguero mmguero added enhancement New feature or request external Depends on a bug or feature external to this project host logs Related to Malcolm's processing of host logs forwarded from external forwearders labels Nov 4, 2024
@mmguero mmguero mentioned this issue Nov 4, 2024
Closed
@mmguero mmguero added this to Malcolm Nov 5, 2024
@mmguero mmguero added this to the z.staging milestone Nov 5, 2024
@mmguero mmguero moved this to Todo (develop) in Malcolm Dec 11, 2024
@mmguero mmguero modified the milestones: z.staging, v25.01.0 Dec 11, 2024
@mmguero mmguero self-assigned this Dec 11, 2024
mmguero added a commit to mmguero-dev/Malcolm that referenced this issue Jan 8, 2025
@mmguero
start of cisagov#356, normalize winlogbeats
fa6807b
mmguero added a commit to mmguero-dev/Malcolm that referenced this issue Jan 8, 2025
@mmguero
WIP of cisagov#356, normalize winlogbeats
413eca5
mmguero added a commit to mmguero-dev/Malcolm that referenced this issue Jan 8, 2025
@mmguero
WIP of cisagov#356, normalize winlogbeats
9ce0289
mmguero added a commit to mmguero-dev/Malcolm that referenced this issue Jan 8, 2025
@mmguero
WIP of cisagov#356, fix for a dashboard
e0e8af5
mmguero added a commit to mmguero-dev/Malcolm that referenced this issue Jan 8, 2025
@mmguero
WIP of cisagov#356, normalize winlogbeats
8cb4348
@mmguero mmguero closed this as completed Jan 8, 2025
@github-project-automation github-project-automation bot moved this from Todo (develop) to Done in Malcolm Jan 8, 2025
mmguero added a commit to mmguero-dev/Malcolm that referenced this issue Jan 9, 2025
@mmguero
forgot to add file for cisagov#356
eae26a7
This was referenced Jan 17, 2025
Merged
Merged
mmguero added a commit to idaholab/Malcolm that referenced this issue Jan 17, 2025
@mmguero
start of cisagov#356, normalize winlogbeats
f10f2ea
mmguero added a commit to idaholab/Malcolm that referenced this issue Jan 17, 2025
@mmguero
WIP of cisagov#356, normalize winlogbeats
a5ad1aa
mmguero added a commit to idaholab/Malcolm that referenced this issue Jan 17, 2025
@mmguero
WIP of cisagov#356, normalize winlogbeats
836726a
mmguero added a commit to idaholab/Malcolm that referenced this issue Jan 17, 2025
@mmguero
WIP of cisagov#356, fix for a dashboard
8412ce6
mmguero added a commit to idaholab/Malcolm that referenced this issue Jan 17, 2025
@mmguero
WIP of cisagov#356, normalize winlogbeats
bcbeccc
mmguero added a commit to idaholab/Malcolm that referenced this issue Jan 17, 2025
@mmguero
forgot to add file for cisagov#356
bf83811
@mmguero mmguero moved this from Done to Released in Malcolm Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mmguero mmguero

Labels
enhancement New feature or request external Depends on a bug or feature external to this project host logs Related to Malcolm's processing of host logs forwarded from external forwearders
Projects
Malcolm
Status: Released
Milestone
v25.01.0
Development

No branches or pull requests
1 participant
@mmguero