Releases · criblpacks/cribl-windows-events · GitHub

30 Jan 19:34

v1.0.4 Latest

Latest

No updates, final release. See Pack README for new Cribl Classic and XML Packs that are compatible with the Windows TA.

Assets 2

05 Apr 14:58

Classic Events Pipeline Update

Fixes performance issue with the Mask when using internal fields. The Classic Events pipeline is no longer using __raw with the Mask function.

Assets 3

21 Mar 11:33

Minor cleanup

v1.0.2

Minor cleanup

Assets 3

14 Mar 17:48

Minor tweaks to NXLog Pipeline

Full Changelog: v1.0.0...v1.0.1

Assets 3

09 Mar 15:28

Added support for NXLog Windows Events and Perfmon

Added support for:

Windows events that come in from NXLog
Perfmon

Assets 3

09 Feb 16:42

Updated XML pipelines to support nesting

Minor tweaks to classic event pipeline
Replaced Windows XML pipeline

Assets 3

31 Jan 18:10

Added support for embedded code in classic events

What's Changed

Added support for embedded code or scripts by @dmaislin-cribl in #6

Full Changelog: v0.9.1...v0.9.2

Contributors

dmaislin-cribl

Assets 3

27 Jan 14:00

Added Support for Embedded XML in Classic Events

Added new Route/Pipeline for handling Classic Events with embedded XML

What's Changed

Embedded XML message in Classic Events by @dmaislin-cribl in #5

Full Changelog: v0.9.0...v0.9.1

Contributors

dmaislin-cribl

Assets 3

27 Jan 12:54

Rewrite of Windows Classic Events Pipeline and Added DNS

What's Changed

Updated Classic Pipeline and Added DNS Pipeline by @dmaislin-cribl in #4

Full Changelog: v0.5.5...v0.9.0

Contributors

dmaislin-cribl

Assets 3

19 Aug 17:47

v0.5.5 - Keep cribl_breaker

Added Field Filter Expression to Classic Pipeline final Parser to optionally remove values of '-'
Updated Eval to keep cribl_breaker from drop all fields
Updated sample data

Assets 3