- Client agent launched on startup as Windows service
- Server monitoring screen can be installed on any webserver
- Portable database with SQLITE
- Transferred events secured by a server token
- Crowdsec IP reputation integration + optimizations
- Alerts can be sent by email
- Loaded DLL detections
For installation, see main Readme :
https://github.com/Processus-Thief/ETWMonitor