GitHub

rhpenguin/Winlogbeat-javascript-processor-example

HelloWorld module: Add a "greeting: hello, world!" field into Sysmon event logs. Psdecode module: Decode PowerShell's -EncodedCommand (-enc) args, split the decoded args and add them into Sysmon event ...