How SWELF Works
SWELF is a C# application that reads your stored event logs, analyzes them, and stores/forwards them to whatever you have configured. This cuts down on the junk logs your SIEM will see, which saves on data usage for your SIEM's input and helps with analysis. SWELF attempts to be a drop-and-run application, with no install and no third-party dependencies. It has no GUI, but it tells you everything through the Windows Eventlog service: it registers its own Eventlog and communicates with you that way. It is a logging agent, after all. The developer set out to make it as simple an app as possible, and all design decisions are intended to reflect that.
SWELF will also take steps to identify log tampering and attempts to tamper with SWELF itself.