New Version 0.5 of Our Windows Syslog Client "NeoLogger"

by Jun 3, 2012

Version 0.5 of NeoLogger can now also monitor a directory (-dir) and its subdirectories (-sub) for changes to files ending in ".log" (-ff) and send all new lines (-tail), prefixed with the name of the changed file (-fn), to the specified server (-t) via syslog.
neolog.exe -d -t 10.0.0.1 -dir "C:\logfiles" -sub -ff "*.log" -fn -tail
The output then looks like this:

Sending to 127.0.0.1 Port 514 : C:\logfiles\test.log : First new line in log file
Sending to 127.0.0.1 Port 514 : C:\logfiles\test.log : Second new line in log file
Sending to 127.0.0.1 Port 514 : C:\logfiles\subdirectory\another.log : Another line in a log file

NeoLogger monitors the directory (-dir) for changes (-watch) and reports what happened to which file (Changed, Created, Deleted, Renamed).
neolog.exe -d -t 10.0.0.1 -dir "C:\fileshare" -watch
The output then looks like this:

Sending to 127.0.0.1 Port 514 : NeoLogger: File C:\logfiles\windows.log - Changed
Sending to 127.0.0.1 Port 514 : NeoLogger: File C:\logfiles\super.log - Deleted
Sending to 127.0.0.1 Port 514 : NeoLogger: File C:\logfiles\readme.txt C:\logfiles\readme-new.txt - Renamed
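
On the receiving side, the -watch messages can be parsed to flag log files that disappear. The following is an added example, not part of NeoLogger or the original post; it assumes the message text matches the sample output above and that paths start with a drive letter, and the function names are hypothetical.

```python
import re
from typing import List, NamedTuple, Optional

# Constructed sample input: the -watch lines shown above plus one -tail line.
SAMPLE = r"""Sending to 127.0.0.1 Port 514 : NeoLogger: File C:\logfiles\windows.log - Changed
Sending to 127.0.0.1 Port 514 : NeoLogger: File C:\logfiles\super.log - Deleted
Sending to 127.0.0.1 Port 514 : NeoLogger: File C:\logfiles\readme.txt C:\logfiles\readme-new.txt - Renamed
Sending to 127.0.0.1 Port 514 : C:\logfiles\test.log : First new line in log file
""".splitlines()

# Assumed format: "NeoLogger: File <path> [<new path>] - <Action>" at end of line.
EVENT_RE = re.compile(
    r"NeoLogger: File (?P<paths>.+) - (?P<action>Changed|Created|Deleted|Renamed)\s*$"
)

class WatchEvent(NamedTuple):
    action: str
    path: str
    new_path: Optional[str]  # only set for Renamed events

def parse_watch_event(line: str) -> Optional[WatchEvent]:
    """Parse one -watch message; return None for anything else (e.g. -tail lines)."""
    m = EVENT_RE.search(line)
    if not m:
        return None
    path, action, new_path = m.group("paths"), m.group("action"), None
    if action == "Renamed":
        # Old and new path are separated by whitespace; split where the next
        # drive letter starts so that spaces inside a path are preserved.
        parts = re.split(r"\s+(?=[A-Za-z]:\\)", path, maxsplit=1)
        if len(parts) == 2:
            path, new_path = parts
    return WatchEvent(action, path, new_path)

def needs_review(ev: WatchEvent) -> bool:
    """True when a .log file is deleted or renamed to a non-.log name."""
    if not ev.path.lower().endswith(".log"):
        return False
    if ev.action == "Deleted":
        return True
    return ev.action == "Renamed" and not (ev.new_path or "").lower().endswith(".log")

def triage(lines: List[str]) -> List[WatchEvent]:
    """Return the watch events from `lines` that warrant a closer look."""
    events = (parse_watch_event(line) for line in lines)
    return [ev for ev in events if ev is not None and needs_review(ev)]

if __name__ == "__main__":
    for ev in triage(SAMPLE):
        print(f"REVIEW: {ev.action} {ev.path}")
```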

NeoLogger is available in our download section. A detailed description of all features can be found here.

About the author:

Florian Roth

Florian Roth serves as the Head of Research and Development at Nextron Systems. With a background in IT security since 2000, he has delved deep into nation-state cyber attacks since 2012. Florian has developed the THOR Scanner and actively engages with the community via his Twitter handle @cyb3rops. He has contributed to open-source projects, including 'Sigma', a generic SIEM rule format, and 'LOKI', an open-source scanner. Additionally, he has shared valuable resources like a mapping of APT groups and operations and an Antivirus Event Analysis Cheat Sheet.
