An implementation of a Windows Event Collector server running on GNU/Linux.

Overview

OpenWEC

OpenWEC is a free and open source (GPLv3) implementation of a Windows Event Collector server running on GNU/Linux and written in Rust.

OpenWEC collects Windows event logs from a Linux machine without the need for a third-party local agent running on Windows machines.

OpenWEC implements the Windows Event Forwarding protocol (MS-WSMV), which is derived from WS-Management (DSP0226). Because the built-in Windows Event Forwarding plugin speaks the same protocol, OpenWEC can be used with it directly. Only the source-initiated mode (Push) is supported for now.

OpenWEC is composed of two binaries:

  • openwecd: OpenWEC server
  • openwec: OpenWEC CLI, used to manage the OpenWEC server

The OpenWEC configuration is read from a file (by default /etc/openwec.conf.toml). See available parameters in openwec.conf.sample.toml. Subscriptions and their parameters are stored in a database and can be managed using openwec (see CLI documentation).

Contributing

Any contribution is welcome, be it code, bug report, packaging, documentation or translation.

License

OpenWEC is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

OpenWEC is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with OpenWEC. If not, see the gnu.org web site.

Comments
  • Bump toml from 0.5.11 to 0.7.4

    Bumps toml from 0.5.11 to 0.7.4.

    Commits
    • 0945943 chore: Release
    • b4cc00a docs: Update changelog
    • f46f507 Merge pull request #557 from epage/newtype_variant
    • 1f4f2f7 fix(serde): Newtype variant support
    • 87836d9 test(serde): Show newtype variants not working
    • faac518 Merge pull request #555 from epage/winnow
    • a52a722 refactor(parser): Resolve deprecations
    • 0951271 Merge pull request #554 from est31/main
    • e7d57ea Update github URL of toml_edit crate
    • 5275733 chore(deps): update compatible (dev)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump env_logger from 0.9.3 to 0.10.0

    Bumps env_logger from 0.9.3 to 0.10.0.

    Changelog

    Sourced from env_logger's changelog.

    [0.10.0] - 2022-11-24

    MSRV changed to 1.60 to hide optional dependencies

    Fixes

    • Resolved soundness issue by switching from atty to is-terminal

    Breaking Changes

    To open room for changing dependencies:

    • Renamed termcolor feature to color
    • Renamed atty feature to auto-color
    dependencies 
    opened by dependabot[bot] 0
  • Add IgnoreChannelError option to subscriptions

    The Ignore Channel Error option allows you to decide whether a client should continue processing a subscription if an error occurs within its channel filters:

    • true: the error is ignored (default)
    • false: the processing stops if an error occurs

    Prior to this update, this option was hardcoded to true.

    See documentation for more details: [MS-WSMV] 3.1.4.1.30.1 Subscription Options:

    This option determines if various filtering options resulting in errors in different channels
    are to result in termination of the processing. It has the xsi:nil attribute associated with it, 
    whose value is set to "true", meaning that the filtering errors in different channels MUST be
    ignored by the subscription service and processing SHOULD continue.
    
    opened by vruello 0
  • Makes ContentFormat modifiable

    ContentFormat used to be hardcoded as "RenderedText". This means that all subscriptions retrieved RenderingInfo of all events.

    RenderingInfo can be useful for event analysis but it increases event size. It seems necessary to make it configurable.

    With this PR, ContentFormat is configurable and can have 2 values: "RenderedText" or "Raw".

    See documentation for more details: [MS-WSMV] 3.1.4.1.30.1 Subscription Options:

    This option determines how the event data will be received by the event subscriber. If the value of this option is "RenderedText", both the event data and rendering information are passed, whereas event data is contained within the element and rendering info is contained with the element , so that the event can be displayed by the event subscriber according to a predefined format. The default value for this option is "Raw", which means that only event data will be passed without any rendering information.

    opened by WilliamBruneau 0
  • Bump serial_test from 0.10.0 to 2.0.0

    Bumps serial_test from 0.10.0 to 2.0.0.

    Release notes

    Sourced from serial_test's releases.

    v2.0.0

    Main change is the Syn 2.x upgrade which required an MSRV bump. MSRV is now 1.68.2. Note this is minimum supported, as it may well compile with lower versions, but they're not supported at all.

    There's also a small bug fix for an issue when running under vscode and stripping attributes

    Full Changelog: https://github.com/palfrey/serial_test/compare/v1.0.0...v2.0.0

    v1.0.0

    Nothing since 0.10.0. Well, a test dependency upgrade on tokio, but nothing in the published library. This is mainly just as a "1.0!" release.

    Commits
    • 7e3a5ca 2.0.0
    • a7222e1 Merge pull request #96 from palfrey/syn-2
    • 113f076 Upgrade to Syn 2
    • 21b7a7f Merge pull request #94 from palfrey/remove-ignore-ignore
    • fc0497c Stop stripping ignore/should_panic attributes
    • 7d6af09 Merge pull request #91 from palfrey/dependabot/cargo/tokio-1.18.5
    • 1607dec Bump tokio from 1.18.4 to 1.18.5
    • 30b772a Merge pull request #92 from palfrey/test-rust-version
    • c1c65d2 Set rust-version in test to fix clippy issue
    • 47d09d0 1.0.0
    • Additional commits viewable in compare view

    dependencies 
    opened by dependabot[bot] 0
  • Bump rdkafka from 0.28.0 to 0.32.2

    Bumps rdkafka from 0.28.0 to 0.32.2.

    Changelog

    Sourced from rdkafka's changelog.

    Changelog

    See also the rdkafka-sys changelog.

    Unreleased

    0.32.1 (2023-06-09)

    • Add support for the cluster mock API.
    • Expose assignment_lost method on the consumer.

    0.31.0 (2023-05-17)

    • Breaking change. Pass KafkaError to rebalance hooks instead of human-readable string representation.

    0.30.0 (2023-05-12)

    • Support for unassigning static partitions by passing null to rdsys::rd_kafka_assign and expose the feature as unassign in base_consumer

    • Expose rdsys::rd_kafka_incremental_assign and rdsys::rd_kafka_incremental_unassign in base_consumer for incremental changes to static assignments

    • Breaking change. util::get_rdkafka_version now returns (i32, String). Previously, it returned (u16, String) which would silently truncate the hex representation of the version:

      Interpreted as hex MM.mm.rr.xx:

      MM = Major
      mm = minor
      rr = revision
      xx = pre-release id (0xff is the final release)

      E.g.: 0x010902ff = 1.9.2

    • Add the AdminClient::delete_groups method, which deletes consumer groups from a Kafka cluster (#510).

      Thanks, @​andrewinci.

    #510: fede1024/rust-rdkafka#510

    • Add support for the purge API, that allows retrieving messages that were queued for production when shutting down. It is automatically called on Drop. Fixes leaking associated data (futures...).

    0.29.0 (2022-10-29)

    ... (truncated)

    Commits
    • b46a1d3 Update pin of rdkafka-sys to latest.
    • 97688d7 Release v4.5.0+1.9.2
    • 157d81e Fix version.
    • f09348e Release 0.32.0.
    • 83e9a50 Expose assignment_lost
    • 0048649 Add entry in the changelog
    • 49eaf5d Add example for the mock API
    • 9198dba Add missing mock APIs
    • 536c0af Adapt to project style and few minor fixes
    • b3a9e7a mocking: Add support for mock cluster reference from Client configured with t...
    • Additional commits viewable in compare view

    dependencies 
    opened by dependabot[bot] 0
  • Bump roxmltree from 0.15.1 to 0.18.0

    Bumps roxmltree from 0.15.1 to 0.18.0.

    Changelog

    Sourced from roxmltree's changelog.

    [0.18.0] - 2023-02-04

    Added

    • StringStorage that exposes an internal string storage.
    • Allocated strings are stored as Arc<str> and not String now.
    • Node::text_storage
    • Node::tail_storage
    • Attribute::value_storage
    • Node::range

    Removed

    • Node::position. Use Node::range instead.

    Fixed

    [0.17.0] - 2023-01-06

    Added

    • Stored namespaces are deduplicated now, which can reduce memory usage on large files up to 10%. Thanks to @​adamreichold

    Changed

    • Node::namespaces returns an iterator and not a slice now.

    Fixed

    [0.16.0] - 2022-11-20

    Added

    • positions build feature.
    • Node::position
    • Attribute::position
    • ParsingOptions::nodes_limit to limit the maximum number of nodes to parse.

    Changed

    • Peak memory usage reduces by up to 20% depending on an input. Thanks to @​adamreichold and @​tomjw64.
    • Node::attributes returns an iterator and not a slice now.

    Removed

    • 4GB input limit.
    • Do not store Node and Attribute end range in the original document.
    • Do not store attribute value range in the original document.
    • Node::range. Use position instead.
    • Attribute::range. Use position instead.
    • Attribute::value_range
    Commits
    • 8f6f14b Version bump.
    • c4d622f Store node's end position again.
    • 3d33827 Use ref-counted owned strings.
    • e817186 Expose 'input lifetime where it is the backing lifetime.
    • 0b12673 Use consistent debug impls for the various iterators that avoid formatting th...
    • b81ec71 Version bump.
    • 0553f41 Detect unclosed root nodes.
    • bf055e7 Fix-ups to the deduplication of namespaces.
    • 3a490a5 Provide a named type for the iterator returned by Node::namespaces and expand...
    • 192d45e Only allocate normalized namespace URI when they are uniquely new.
    • Additional commits viewable in compare view

    dependencies 
    opened by dependabot[bot] 0
  • Bump base64 from 0.13.1 to 0.21.2

    Bumps base64 from 0.13.1 to 0.21.2.

    Changelog

    Sourced from base64's changelog.

    0.21.2

    • Rollback MSRV to 1.57.0 -- only dev dependencies need 1.60, not the main code

    0.21.1

    • Remove the possibility of panicking during decoded length calculations
    • DecoderReader no longer sometimes erroneously ignores padding #226

    Breaking changes

    • Engine.internal_decode return type changed
    • Update MSRV to 1.60.0

    0.21.0

    Migration

    Functions

    < 0.20 function       | 0.21 equivalent
    encode()              | engine::general_purpose::STANDARD.encode() or prelude::BASE64_STANDARD.encode()
    encode_config()       | engine.encode()
    encode_config_buf()   | engine.encode_string()
    encode_config_slice() | engine.encode_slice()
    decode()              | engine::general_purpose::STANDARD.decode() or prelude::BASE64_STANDARD.decode()
    decode_config()       | engine.decode()
    decode_config_buf()   | engine.decode_vec()
    decode_config_slice() | engine.decode_slice()

    The short-lived 0.20 functions were the 0.13 functions with config replaced with engine.

    Padding

    If applicable, use the preset engines engine::STANDARD, engine::STANDARD_NO_PAD, engine::URL_SAFE, or engine::URL_SAFE_NO_PAD. The NO_PAD ones require that padding is absent when decoding, and the others require that canonical padding is present.

    If you need the < 0.20 behavior that did not care about padding, or want to recreate < 0.20.0's predefined Configs precisely, see the following table.

    0.13.1 Config   | 0.20.0+ alphabet | encode_padding | decode_padding_mode
    STANDARD        | STANDARD         | true           | Indifferent
    STANDARD_NO_PAD | STANDARD         | false          | Indifferent
    URL_SAFE        | URL_SAFE         | true           | Indifferent
    URL_SAFE_NO_PAD | URL_SAFE         | false          | Indifferent

    ... (truncated)

    Commits
    • 1e8246a v0.21.2
    • 13690af Merge pull request #239 from marshallpierce/mp/msrv
    • 02af00a Roll back MSRV to 1.57.0
    • 09c7907 Remove readme comments about benches needing nightly
    • f589cde Merge pull request #238 from marshallpierce/mp/decoder-reader-padding
    • 57e2334 Fix DecoderReader handling of padding
    • f766bc6 Merge pull request #223 from marshallpierce/mp/add_padding_len
    • 9687b03 Switch add_padding() to use encoded len
    • 29ed4d0 Merge pull request #217 from marshallpierce/mp/decode-estimate
    • 453d15d Update release notes
    • Additional commits viewable in compare view

    dependencies 
    opened by dependabot[bot] 0
  • Bump quick-xml from 0.25.0 to 0.29.0

    Bumps quick-xml from 0.25.0 to 0.29.0.

    Release notes

    Sourced from quick-xml's releases.

    Serde helpers and indentation for async writer

    What's Changed

    New Features

    • #601: Add serde_helper module to the crate root with some useful utility functions and document using of enum's unit variants as a text content of element.
    • #606: Implement indentation for AsyncWrite trait implementations.

    Bug Fixes

    • #603: Fix a regression from #581 that an XML comment or a processing instruction between a and the root element in the file breaks deserialization of structs by returning DeError::ExpectedStart
    • #608: Return a new error Error::EmptyDocType on empty doctype instead of crashing because of a debug assertion.

    Misc Changes

    • #594: Add a helper macro to help deserialize internally tagged enums with Serde, which doesn't work out-of-box due to serde limitations.

    #581: tafia/quick-xml#581 #594: tafia/quick-xml#594 #601: tafia/quick-xml#601 #603: tafia/quick-xml#603 #606: tafia/quick-xml#606 #608: tafia/quick-xml#608

    New Contributors

    Full Changelog: https://github.com/tafia/quick-xml/compare/v0.28.2...v0.29.0

    EntityResolver for deserializer and export EscapeError

    What's Changed

    New Features

    • #581: Allow Deserializer to set quick_xml::de::EntityResolver for resolving unknown entities that would otherwise cause the parser to return an [EscapeError::UnrecognizedSymbol] error.

    Misc Changes

    • #584: Export EscapeError from the crate
    • #581: Relax requirements for unsescape_* set of functions -- they now use FnMut instead of Fn for resolve_entity parameters, like Iterator::map from std.

    #581: tafia/quick-xml#581 #584: tafia/quick-xml#584

    ... (truncated)

    Changelog

    Sourced from quick-xml's changelog.

    0.29.0 -- 2023-06-13

    New Features

    • #601: Add serde_helper module to the crate root with some useful utility functions and document using of enum's unit variants as a text content of element.
    • #606: Implement indentation for AsyncWrite trait implementations.

    Bug Fixes

    • #603: Fix a regression from #581 that an XML comment or a processing instruction between a and the root element in the file breaks deserialization of structs by returning DeError::ExpectedStart
    • #608: Return a new error Error::EmptyDocType on empty doctype instead of crashing because of a debug assertion.

    Misc Changes

    • #594: Add a helper macro to help deserialize internally tagged enums with Serde, which doesn't work out-of-box due to serde limitations.

    #581: tafia/quick-xml#581 #594: tafia/quick-xml#594 #601: tafia/quick-xml#601 #603: tafia/quick-xml#603 #606: tafia/quick-xml#606 #608: tafia/quick-xml#608

    0.28.2 -- 2023-04-12

    New Features

    • #581: Allow Deserializer to set quick_xml::de::EntityResolver for resolving unknown entities that would otherwise cause the parser to return an [EscapeError::UnrecognizedSymbol] error.

    Misc Changes

    • #584: Export EscapeError from the crate
    • #581: Relax requirements for unsescape_* set of functions -- they now use FnMut instead of Fn for resolve_entity parameters, like Iterator::map from std.

    #581: tafia/quick-xml#581 #584: tafia/quick-xml#584

    0.28.1 -- 2023-03-19

    ... (truncated)

    Commits
    • 5a536d0 Release v0.29.0
    • 7629a70 Change names of methods that emits events to reflect their purpose
    • 70f4a9c Change order of variants, group text variants together
    • 621da10 Merge pull request #594 from Kriskras99/master
    • 858118e Add a helper macro to help deserialize internally tagged enums with Serde
    • 88a2f27 Merge pull request #612 from Tpt/empty-doctype
    • a86340b Fails on empty doctype
    • 358cc58 Merge pull request #603 from danjpgriffin/master
    • d49f2d5 Trim Text events after DOCTYPE so spaces does not produce an event.
    • c8332d9 Add tests for comments and processing instructions in XML prolog
    • Additional commits viewable in compare view

    dependencies 
    opened by dependabot[bot] 0
  • Add syslog output

    Some SIEMs can only receive logs in syslog messages. To support these SIEMs, we need to add a syslog output.

    cf. RFC 5424.

    It may be useful to add 2 variants of syslog output for TCP and UDP.

    enhancement 
    opened by WilliamBruneau 0
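
The syslog issue above asks for an RFC 5424 output with TCP and UDP variants. As an added example (not OpenWEC code; the struct, the function names and the `openwec@32473` SD-ID are assumptions), this formats one event as an RFC 5424 message, escaping structured-data values, and frames it per transport. Using RFC 6587 octet counting for TCP is a choice of this example.

```rust
// Added example, not OpenWEC code: every name below is hypothetical.

/// Transport variants mentioned in the issue.
pub enum Transport {
    Udp,
    Tcp,
}

/// One event to forward. `timestamp` is expected in RFC 3339 form.
pub struct SyslogEvent<'a> {
    pub facility: u8, // 0..=23
    pub severity: u8, // 0..=7
    pub timestamp: &'a str,
    pub hostname: &'a str,
    pub app_name: &'a str,
    pub msg_id: &'a str,
    pub params: &'a [(&'a str, &'a str)],
    pub message: &'a str,
}

/// Header fields are printable US-ASCII without spaces: other characters
/// become '_', overlong values are cut, empty values become NILVALUE "-".
fn header_field(value: &str, max_len: usize) -> String {
    let cleaned: String = value
        .chars()
        .take(max_len)
        .map(|c| if ('!'..='~').contains(&c) { c } else { '_' })
        .collect();
    if cleaned.is_empty() { "-".to_string() } else { cleaned }
}

/// SD-NAME additionally excludes '=', ']' and '"'.
fn sd_name(name: &str) -> String {
    header_field(name, 32).replace(|c: char| matches!(c, '=' | ']' | '"'), "_")
}

/// PARAM-VALUE must backslash-escape '"', '\' and ']'.
fn escape_param_value(value: &str) -> String {
    let mut out = String::with_capacity(value.len());
    for c in value.chars() {
        if matches!(c, '"' | '\\' | ']') {
            out.push('\\');
        }
        out.push(c);
    }
    out
}

/// Build `<PRI>1 TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG`.
pub fn format_rfc5424(ev: &SyslogEvent) -> Result<String, String> {
    if ev.facility > 23 || ev.severity > 7 {
        return Err(format!("bad facility/severity {}/{}", ev.facility, ev.severity));
    }
    let pri = u16::from(ev.facility) * 8 + u16::from(ev.severity);
    let sd = if ev.params.is_empty() {
        "-".to_string()
    } else {
        // 32473 is the enterprise number reserved for documentation examples.
        let mut s = String::from("[openwec@32473");
        for (name, value) in ev.params {
            s.push_str(&format!(" {}=\"{}\"", sd_name(name), escape_param_value(value)));
        }
        s.push(']');
        s
    };
    // PROCID is left as NILVALUE; MSG is passed through unchanged.
    Ok(format!(
        "<{}>1 {} {} {} - {} {} {}",
        pri,
        header_field(ev.timestamp, 32),
        header_field(ev.hostname, 255),
        header_field(ev.app_name, 48),
        header_field(ev.msg_id, 32),
        sd,
        ev.message
    ))
}

/// UDP carries one message per datagram. TCP uses RFC 6587 octet counting
/// ("LEN SP MSG", LEN in bytes), so newlines inside an event cannot split it.
pub fn frame(msg: &str, transport: Transport) -> Vec<u8> {
    match transport {
        Transport::Udp => msg.as_bytes().to_vec(),
        Transport::Tcp => format!("{} {}", msg.len(), msg).into_bytes(),
    }
}

fn main() {
    // Constructed sample values, not captured from a real host.
    let params = [("subscription", "logon \"audit\"]")];
    let ev = SyslogEvent {
        facility: 16, severity: 5, timestamp: "2023-06-20T08:15:30Z",
        hostname: "win10.example.test", app_name: "openwec", msg_id: "4624",
        params: &params, message: "<Event>\u{e9}</Event>",
    };
    let msg = format_rfc5424(&ev).unwrap();
    println!("{}", msg);
    println!("{}", String::from_utf8_lossy(&frame(&msg, Transport::Tcp)));
}
```

The TCP length prefix counts bytes, not characters, which matters as soon as an event contains non-ASCII text.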
Releases(v0.1.0)
Owner
CEA IT Security
IT Security at the French Alternative Energies and Atomic Energy Commission