forked from cea-sec/openwec

An implementation of a Windows Event Collector server running on GNU/Linux.

MrAnno/openwec

This branch is 15 commits behind cea-sec/openwec:main.

Latest commit: 92e0d8e · Jan 17, 2025

OpenWEC

OpenWEC is a free and open source (GPLv3) implementation of a Windows Event Collector server running on GNU/Linux and written in Rust.

OpenWEC collects Windows event logs from a Linux machine without the need for a third-party local agent running on Windows machines.

OpenWEC implements the Windows Event Forwarding protocol (MS-WSMV), which is derived from WS-Management (DSP0226). Because the built-in Windows Event Forwarding plugin uses the same protocol, OpenWEC can be used with it directly. Only the source-initiated mode (Push) is supported for now.

OpenWEC is composed of two binaries:

  • openwecd: OpenWEC server
  • openwec: OpenWEC CLI, used to manage the OpenWEC server

The OpenWEC configuration is read from a file (by default /etc/openwec.conf.toml). See available parameters in openwec.conf.sample.toml. Subscriptions and their parameters are stored in a database and can be managed using openwec (see CLI documentation).

Documentation

Contributing

Any contribution is welcome, be it code, bug report, packaging, documentation or translation.

License

OpenWEC is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

OpenWEC is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with OpenWEC. If not, see the gnu.org web site.
