cmdReporter Wiki

2.3 - July 2019

New Features:

  • Microphone activations and/or recording events
  • Camera activations and/or recording events
  • Full cmdReporter preference configuration printed to log on launch
  • SHA1 hashing of all execution and file event paths
  • Child execution events now have parent process path information
  • TLS syslog remote endpoint logging (Public Beta)
  • Full release of Kafka remote endpoint logging
  • Full release of Logstash and REST API remote endpoint logging

Bug Fixes:

  • Improved execution event parent/child mapping for execution trees
  • Improved event filtering using parent/child map
    • If parent process is filtered, better logic to filter child events

New Preference Keys:

<!-- New Remote Type -->
LogRemoteEndpointType = TLS
LogRemoteEndpointURL = "tls://server.company.com:9977"

<!-- New log output format -->
SyslogFormatEnabled = 1

<!-- New Remote Certificate Preferences -->
LogRemoteEndpointTLS =     {
        TLSServerCertificate = "-----BEGIN CERTIFICATE-----
MIIDqTCCApECCQDWiXa1rlad3TANBgkqhkiG9w0BAQUFADCBrzELMAkGA1UEBhMC..."
}


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.