{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":395658506,"defaultBranch":"master","name":"chainsaw","ownerLogin":"WithSecureLabs","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2021-08-13T13:07:24.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/99874690?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1713192305.0","currentOid":""},"activityList":{"items":[{"before":"3b2a9eb409d73b89fb51bf4122333ad1484091e8","after":"97eafcfa378169e827810048897eaee1e4f5b9e8","ref":"refs/heads/master","pushedAt":"2024-05-27T13:40:54.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"feat(dump): allow dumping of multiple files (#169)","shortMessageHtmlLink":"feat(dump): allow dumping of multiple files (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2312818175\" data-permission-text=\"Title is private\" data-url=\"https://github.com/WithSecureLabs/chainsaw/issues/169\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/WithSecureLabs/chainsaw/pull/169/hovercard\" href=\"https://github.com/WithSecureLabs/chainsaw/pull/169\">#169</a>)"}},{"before":"cbfa13f7451de442dd05961a3614fb41fef8aca3","after":"3b2a9eb409d73b89fb51bf4122333ad1484091e8","ref":"refs/heads/master","pushedAt":"2024-04-15T17:27:31.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"Merge pull request #167 from WithSecureLabs/james/testing\n\nchore: pub mod rule","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2244241280\" data-permission-text=\"Title is private\" data-url=\"https://github.com/WithSecureLabs/chainsaw/issues/167\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/WithSecureLabs/chainsaw/pull/167/hovercard\" href=\"https://github.com/WithSecureLabs/chainsaw/pull/167\">#167</a> from WithSecureLabs/james/testing"}},{"before":"26bd06efa77963c5617cdef8ef8d1b9ab69112ac","after":"cbfa13f7451de442dd05961a3614fb41fef8aca3","ref":"refs/heads/master","pushedAt":"2024-04-15T14:45:02.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"build: bump to version 2.9.0","shortMessageHtmlLink":"build: bump to version 2.9.0"}},{"before":"b1f7e481e9700769ce7a0d645644269feb709b1c","after":"26bd06efa77963c5617cdef8ef8d1b9ab69112ac","ref":"refs/heads/master","pushedAt":"2024-04-15T13:55:51.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"Merge pull request #166 from WithSecureLabs/fix/default_match_all\n\nfix: change default search behaviour to match_all","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2243758008\" data-permission-text=\"Title is private\" data-url=\"https://github.com/WithSecureLabs/chainsaw/issues/166\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/WithSecureLabs/chainsaw/pull/166/hovercard\" href=\"https://github.com/WithSecureLabs/chainsaw/pull/166\">#166</a> from WithSecureLabs/fix/default_match_all"}},{"before":null,"after":"aac0508cb42ea0968496ac343c2a37d58618796c","ref":"refs/heads/fix/default_match_all","pushedAt":"2024-04-15T13:54:53.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"fix: change default search behaviour to match_all","shortMessageHtmlLink":"fix: change default search behaviour to match_all"}},{"before":"5f8a34cec4619f2f5865793e6128b31d4d0a9679","after":"f614390090409f743f5dcbcc09665212a6c8056f","ref":"refs/heads/james/testing","pushedAt":"2024-04-14T23:17:48.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"pub mod","shortMessageHtmlLink":"pub mod"}},{"before":"f6a6941c69ebbb74a53f36038828cb1ebfcaf11f","after":"b1f7e481e9700769ce7a0d645644269feb709b1c","ref":"refs/heads/master","pushedAt":"2024-04-14T23:14:15.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"Merge pull request #165 from WithSecureLabs/feat/tau_match_all\n\nfeat: extend match_all option to tau patterns","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2242419135\" data-permission-text=\"Title is private\" data-url=\"https://github.com/WithSecureLabs/chainsaw/issues/165\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/WithSecureLabs/chainsaw/pull/165/hovercard\" href=\"https://github.com/WithSecureLabs/chainsaw/pull/165\">#165</a> from WithSecureLabs/feat/tau_match_all"}},{"before":null,"after":"67fc2015bb4edfe2e9cfa7746b1e7bec934af283","ref":"refs/heads/feat/tau_match_all","pushedAt":"2024-04-14T23:12:33.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"feat: extend match_all option to tau patterns","shortMessageHtmlLink":"feat: extend match_all option to tau patterns"}},{"before":null,"after":"5f8a34cec4619f2f5865793e6128b31d4d0a9679","ref":"refs/heads/james/testing","pushedAt":"2024-03-27T17:30:10.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"pub mod","shortMessageHtmlLink":"pub mod"}},{"before":"4a580125ac935794cf154651e248fdace7de2573","after":"f6a6941c69ebbb74a53f36038828cb1ebfcaf11f","ref":"refs/heads/master","pushedAt":"2024-03-22T14:48:04.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"refactor: handle upstream deprecations","shortMessageHtmlLink":"refactor: handle upstream deprecations"}},{"before":"e47f9ce066960795675a2e45e491d0e52016c05f","after":"4a580125ac935794cf154651e248fdace7de2573","ref":"refs/heads/master","pushedAt":"2024-03-22T14:34:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"fix: incorrect use of timezones (#164)","shortMessageHtmlLink":"fix: incorrect use of timezones (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2202297481\" data-permission-text=\"Title is private\" data-url=\"https://github.com/WithSecureLabs/chainsaw/issues/164\" data-hovercard-type=\"issue\" data-hovercard-url=\"/WithSecureLabs/chainsaw/issues/164/hovercard\" href=\"https://github.com/WithSecureLabs/chainsaw/issues/164\">#164</a>)"}},{"before":"837bcd2221f8404322c242e43a73455c12366359","after":"e47f9ce066960795675a2e45e491d0e52016c05f","ref":"refs/heads/master","pushedAt":"2024-03-06T20:49:58.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"feat: match_all option for regex patterns (#163)","shortMessageHtmlLink":"feat: match_all option for regex patterns (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2172352273\" data-permission-text=\"Title is private\" data-url=\"https://github.com/WithSecureLabs/chainsaw/issues/163\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/WithSecureLabs/chainsaw/pull/163/hovercard\" href=\"https://github.com/WithSecureLabs/chainsaw/pull/163\">#163</a>)"}},{"before":"0ab4f66ef3847e918b2ae10b313908b97601828e","after":"3d68a5d8e8c01659c878f1a65bd64e686cf3674c","ref":"refs/heads/feat/string_match_all","pushedAt":"2024-03-06T20:12:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"feat: match_all option for regex patterns","shortMessageHtmlLink":"feat: match_all option for regex patterns"}},{"before":null,"after":"0ab4f66ef3847e918b2ae10b313908b97601828e","ref":"refs/heads/feat/string_match_all","pushedAt":"2024-03-06T20:07:07.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"feat: match_all option for regex patterns","shortMessageHtmlLink":"feat: match_all option for regex patterns"}},{"before":"c1afc97e0b81e2ae9aa13b3699edc7f448b5f9b8","after":"837bcd2221f8404322c242e43a73455c12366359","ref":"refs/heads/master","pushedAt":"2024-02-06T09:53:13.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"feat(rules): add kerberoasting related rules","shortMessageHtmlLink":"feat(rules): add kerberoasting related rules"}},{"before":"936eb43ff0cd7e6238d6c2deda6f52c89e9fa276","after":"c1afc97e0b81e2ae9aa13b3699edc7f448b5f9b8","ref":"refs/heads/master","pushedAt":"2024-01-11T16:34:16.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"add nix flake","shortMessageHtmlLink":"add nix flake"}},{"before":"b8141924fd2bd23543190af2900e55b4a1ffc75a","after":"936eb43ff0cd7e6238d6c2deda6f52c89e9fa276","ref":"refs/heads/master","pushedAt":"2024-01-08T16:28:12.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"Rule for F-Secure Client Security 11 & 12","shortMessageHtmlLink":"Rule for F-Secure Client Security 11 &amp; 12"}},{"before":"3678f0bba2e96bfdc0333bf464dbcf76f158fa7b","after":"b8141924fd2bd23543190af2900e55b4a1ffc75a","ref":"refs/heads/master","pushedAt":"2024-01-06T14:42:19.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"Fix for User Field for Security Essentials","shortMessageHtmlLink":"Fix for User Field for Security Essentials"}},{"before":"ee7c45fefc93fbb61620f097315a0f96ce2ce906","after":"3678f0bba2e96bfdc0333bf464dbcf76f158fa7b","ref":"refs/heads/master","pushedAt":"2023-12-31T18:23:57.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"Another Sigma Mapping Update","shortMessageHtmlLink":"Another Sigma Mapping Update"}},{"before":"84965681cf3cf1ffa04e2d9880ac73e8a9e6e198","after":"ee7c45fefc93fbb61620f097315a0f96ce2ce906","ref":"refs/heads/master","pushedAt":"2023-12-31T13:53:18.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"Service Installation 7045 Rules","shortMessageHtmlLink":"Service Installation 7045 Rules"}},{"before":"1c394c211466a09e7c73f56e132f25c9ed8d6e73","after":"84965681cf3cf1ffa04e2d9880ac73e8a9e6e198","ref":"refs/heads/master","pushedAt":"2023-12-31T13:50:57.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"Fixes to rasvpn rules","shortMessageHtmlLink":"Fixes to rasvpn rules"}},{"before":"89c8ddd083a804aa63ba275ab32645a2e221acd1","after":"1c394c211466a09e7c73f56e132f25c9ed8d6e73","ref":"refs/heads/master","pushedAt":"2023-12-27T22:18:12.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"FranticTyping","name":"James D","path":"/FranticTyping","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8268953?s=80&v=4"},"commit":{"message":"Merge pull request #153 from reece394/master\n\nUpdate Windows Defender rule to filter for key EventIDs","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2057606046\" data-permission-text=\"Title is private\" data-url=\"https://github.com/WithSecureLabs/chainsaw/issues/153\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/WithSecureLabs/chainsaw/pull/153/hovercard\" href=\"https://github.com/WithSecureLabs/chainsaw/pull/153\">#153</a> from reece394/master"}},{"before":"315e1ce55c89d80461a85ff0cd0f8ae8043bb1b0","after":"89c8ddd083a804aa63ba275ab32645a2e221acd1","ref":"refs/heads/master","pushedAt":"2023-12-12T17:12:48.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"fix: dedupe backslashes in json stringification for searching\n\nWe don't want valid JSON for searching we just want a long string of\nkeys and values, thus we need to remove the escaping that the\nserialisation applies.\n\nFixes #152","shortMessageHtmlLink":"fix: dedupe backslashes in json stringification for searching"}},{"before":"81011afcb8bbd60a92bb76d1acf5b2cf7d772d18","after":"315e1ce55c89d80461a85ff0cd0f8ae8043bb1b0","ref":"refs/heads/master","pushedAt":"2023-11-27T14:34:13.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"fix: incorrect mapping for provider name\n\nThe sigma provider name mapping was pointing to the wrong field in the\nevent log. This is now fixed.\n\nFixes: #149","shortMessageHtmlLink":"fix: incorrect mapping for provider name"}},{"before":"81011afcb8bbd60a92bb76d1acf5b2cf7d772d18","after":null,"ref":"refs/tags/v2.8.1","pushedAt":"2023-11-21T10:00:30.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"}},{"before":"b5a27d09e2a6c450b654ec4bc5454ab96ed7b6d3","after":"81011afcb8bbd60a92bb76d1acf5b2cf7d772d18","ref":"refs/heads/master","pushedAt":"2023-11-21T09:52:49.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"build: bump to version 2.8.1","shortMessageHtmlLink":"build: bump to version 2.8.1"}},{"before":"3968f08dad15433b621740b66dcd6e9d76475221","after":"b5a27d09e2a6c450b654ec4bc5454ab96ed7b6d3","ref":"refs/heads/master","pushedAt":"2023-11-12T10:47:03.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"build: bump dependencies","shortMessageHtmlLink":"build: bump dependencies"}},{"before":"bbce68dec707334ed556821b8d759fd52e5798a5","after":"3968f08dad15433b621740b66dcd6e9d76475221","ref":"refs/heads/master","pushedAt":"2023-11-12T10:34:54.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"refactor: improve the code that handles unknown AppId and UserId values (no entry in SruDbIdMapTable)","shortMessageHtmlLink":"refactor: improve the code that handles unknown AppId and UserId valu…"}},{"before":"55dd0cd757b30a8d45092832f6929a0a3e03522b","after":"bbce68dec707334ed556821b8d759fd52e5798a5","ref":"refs/heads/master","pushedAt":"2023-10-09T15:00:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"catarinadf","name":null,"path":"/catarinadf","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/41592444?s=80&v=4"},"commit":{"message":"docs: move the forensic insights about SRUM to the wiki","shortMessageHtmlLink":"docs: move the forensic insights about SRUM to the wiki"}},{"before":"38b91b7e46a277744966e19247fd26e9d79be3e6","after":"55dd0cd757b30a8d45092832f6929a0a3e03522b","ref":"refs/heads/master","pushedAt":"2023-10-07T19:21:16.000Z","pushType":"pr_merge","commitsCount":5,"pusher":{"login":"alexkornitzer","name":"Alex Kornitzer","path":"/alexkornitzer","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2750747?s=80&v=4"},"commit":{"message":"docs: update the command line options of the SRUM database parser, add DFIRArtifactMuseum to the Acknowledgements section, fix typo","shortMessageHtmlLink":"docs: update the command line options of the SRUM database parser, ad…"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEVPCc5AA","startCursor":null,"endCursor":null}},"title":"Activity · WithSecureLabs/chainsaw"}