I have a question regarding detection on logs as a more quiet attack
could not lead to the domain controller’s password being changed. Thus
4742 might not be generated. Have you other ideas on how to detect
anything on logs (maybe based on new event I...
Thanks for the work. How did you generate the data.meta file? Indeed, it
would be interesting for us to generate one with our own custom parsers
and our own table-maps and index files. If we could recreate a data.meta
file with our own parsers etc. i...
Hi Lee! Thanks for this interesting blogpost. Nice job. Would you think
there is a way to use CALDERA with logs as well? Or don't you think this
would be either interesting or even possible? Thanks. Carole