Skip to content

Commit

Permalink
init commit
Browse files Browse the repository at this point in the history
  • Loading branch information
@mrtdeh
mrtdeh committed Oct 31, 2023
0 parents commit 532eb9d
Show file tree
Hide file tree
Showing 11 changed files with 480 additions and 0 deletions.
3 changes: 3 additions & 0 deletions Logs/test.log
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
aaaaaaaaaaaaa
bbbbbbbbbbbbbbbb
cccccccccccccccc
3 changes: 3 additions & 0 deletions Logs/windows.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
{"@timestamp":"2023-10-30T08:35:41.169Z","@metadata":{"beat":"winlogbeat","type":"_doc","version":"7.17.4"},"process":{"entity_id":"{515cfcb9-6add-653f-3099-000000004e00}","pid":32164,"executable":"C:\\Windows\\SysWOW64\\dllhost.exe","command_line":"\"C:\\Windows\\SysWOW64\\DllHost.exe\" /Processid:{776DBC8D-7347-478C-8D71-791E12EF49D8}","parent":{"entity_id":"{00000000-0000-0000-0000-000000000000}","pid":968,"executable":"-","command_line":"-","name":"-","args":["-"]},"pe":{"original_file_name":"dllhost.exe","company":"Microsoft Corporation","description":"COM Surrogate","file_version":"10.0.19041.546 (WinBuild.160101.0800)","product":"Microsoft® Windows® Operating System","imphash":"b6a6c5247efbd2610e3dea44649d7041"},"args":["C:\\Windows\\SysWOW64\\DllHost.exe","/Processid:{776DBC8D-7347-478C-8D71-791E12EF49D8}"],"hash":{"sha256":"3ed69caab035258e008efbcf40db305891b40ba02ca2737e20defa7c2d4afaf7","md5":"6f3c9485f8f97ac04c8e43ef4463a68c"},"working_directory":"C:\\Windows\\system32\\","name":"dllhost.exe"},"user":{"id":"S-1-5-18","domain":"DESKTOP-R22JGEA","name":"hp"},"ecs":{"version":"1.12.0"},"message":"Process Create:\nRuleName: -\nUtcTime: 2023-10-30 08:35:41.169\nProcessGuid: {515cfcb9-6add-653f-3099-000000004e00}\nProcessId: 32164\nImage: C:\\Windows\\SysWOW64\\dllhost.exe\nFileVersion: 10.0.19041.546 (WinBuild.160101.0800)\nDescription: COM Surrogate\nProduct: Microsoft® Windows® Operating System\nCompany: Microsoft Corporation\nOriginalFileName: dllhost.exe\nCommandLine: \"C:\\Windows\\SysWOW64\\DllHost.exe\" /Processid:{776DBC8D-7347-478C-8D71-791E12EF49D8}\nCurrentDirectory: C:\\Windows\\system32\\\nUser: DESKTOP-R22JGEA\\hp\nLogonGuid: {515cfcb9-1571-652a-dcc2-030000000000}\nLogonId: 0x3C2DC\nTerminalSessionId: 1\nIntegrityLevel: Medium\nHashes: MD5=6F3C9485F8F97AC04C8E43EF4463A68C,SHA256=3ED69CAAB035258E008EFBCF40DB305891B40BA02CA2737E20DEFA7C2D4AFAF7,IMPHASH=B6A6C5247EFBD2610E3DEA44649D7041\nParentProcessGuid: {00000000-0000-0000-0000-000000000000}\nParentProcessId: 968\nParentImage: -\nParentCommandLine: -\nParentUser: -","host":{"architecture":"x86_64","name":"DESKTOP-R22JGEA","os":{"type":"windows","platform":"windows","version":"10.0","family":"windows","name":"Windows 10 Pro","kernel":"10.0.19041.3324 (WinBuild.160101.0800)","build":"19045.3324"},"id":"515cfcb9-6bc2-4928-8660-8498bfa8d3c0","ip":["fe80::ee9d:e9aa:1ab7:9167","169.254.22.149","fe80::a170:ca71:9f4:5cc8","169.254.105.43","fe80::da2e:c851:afd7:4052","169.254.242.62","fe80::4e93:f6c1:5f09:5ef","192.168.1.34","fe80::50bf:85b5:3486:21ee","169.254.16.215","fe80::a87d:543e:1bec:2019","169.254.249.40","fe80::8901:4461:59fe:171e","192.168.107.1","fe80::aa84:baa5:273e:9786","192.168.101.1"],"mac":["00:09:0f:fe:00:01","5e:08:50:95:ee:fd","a0:8c:fd:c0:21:09","00:ff:9b:fb:0e:60","00:50:56:c0:00:01","00:50:56:c0:00:08"],"hostname":"DESKTOP-R22JGEA"},"winlog":{"provider_guid":"{5770385f-c22a-43e0-bf4c-06f5698ffbd9}","version":5,"event_data":{"LogonGuid":"{515cfcb9-1571-652a-dcc2-030000000000}","Description":"COM Surrogate","Company":"Microsoft Corporation","ParentUser":"-","TerminalSessionId":"1","Product":"Microsoft® Windows® Operating System","FileVersion":"10.0.19041.546 (WinBuild.160101.0800)","LogonId":"0x3c2dc","IntegrityLevel":"Medium"},"channel":"Microsoft-Windows-Sysmon/Operational","task":"Process Create (rule: ProcessCreate)","event_id":"1","process":{"pid":50376,"thread":{"id":52612}},"computer_name":"DESKTOP-R22JGEA","api":"wineventlog","opcode":"Info","user":{"identifier":"S-1-5-18","domain":"NT AUTHORITY","name":"SYSTEM","type":"User"},"provider_name":"Microsoft-Windows-Sysmon","record_id":355307},"event":{"category":["process"],"created":"2023-10-30T08:35:50.718Z","code":"1","kind":"event","provider":"Microsoft-Windows-Sysmon","action":"Process Create (rule: ProcessCreate)","module":"sysmon","type":["start","process_start"]},"log":{"level":"information"},"agent":{"hostname":"DESKTOP-R22JGEA","ephemeral_id":"2bcb455a-41cb-423f-a406-80e7852eeb80","id":"8721693d-644b-4276-8365-0395cf531d90","name":"DESKTOP-R22JGEA","type":"winlogbeat","version":"7.17.4"},"related":{"hash":["6f3c9485f8f97ac04c8e43ef4463a68c","3ed69caab035258e008efbcf40db305891b40ba02ca2737e20defa7c2d4afaf7","b6a6c5247efbd2610e3dea44649d7041"],"user":"hp"},"hash":{"md5":"6f3c9485f8f97ac04c8e43ef4463a68c","sha256":"3ed69caab035258e008efbcf40db305891b40ba02ca2737e20defa7c2d4afaf7","imphash":"b6a6c5247efbd2610e3dea44649d7041"}}
{"@timestamp":"2023-10-30T08:35:42.439Z","@metadata":{"beat":"winlogbeat","type":"_doc","version":"7.17.4"},"agent":{"type":"winlogbeat","version":"7.17.4","hostname":"DESKTOP-R22JGEA","ephemeral_id":"2bcb455a-41cb-423f-a406-80e7852eeb80","id":"8721693d-644b-4276-8365-0395cf531d90","name":"DESKTOP-R22JGEA"},"winlog":{"user":{"type":"User","identifier":"S-1-5-18","domain":"NT AUTHORITY","name":"SYSTEM"},"channel":"Microsoft-Windows-Sysmon/Operational","event_data":{"ParentUser":"NT AUTHORITY\\SYSTEM","Company":"Microsoft Corporation","LogonGuid":"{515cfcb9-156e-652a-e703-000000000000}","LogonId":"0x3e7","FileVersion":"10.0.19041.1865 (WinBuild.160101.0800)","Description":"Consent UI for administrative applications","IntegrityLevel":"System","TerminalSessionId":"1","Product":"Microsoft® Windows® Operating System"},"task":"Process Create (rule: ProcessCreate)","opcode":"Info","provider_name":"Microsoft-Windows-Sysmon","computer_name":"DESKTOP-R22JGEA","api":"wineventlog","provider_guid":"{5770385f-c22a-43e0-bf4c-06f5698ffbd9}","version":5,"event_id":"1","record_id":355308,"process":{"pid":50376,"thread":{"id":52612}}},"event":{"action":"Process Create (rule: ProcessCreate)","created":"2023-10-30T08:35:50.718Z","code":"1","kind":"event","provider":"Microsoft-Windows-Sysmon","module":"sysmon","type":["start","process_start"],"category":["process"]},"log":{"level":"information"},"message":"Process Create:\nRuleName: -\nUtcTime: 2023-10-30 08:35:42.439\nProcessGuid: {515cfcb9-6ade-653f-3199-000000004e00}\nProcessId: 14208\nImage: C:\\Windows\\System32\\consent.exe\nFileVersion: 10.0.19041.1865 (WinBuild.160101.0800)\nDescription: Consent UI for administrative applications\nProduct: Microsoft® Windows® Operating System\nCompany: Microsoft Corporation\nOriginalFileName: consent.exe\nCommandLine: consent.exe 12088 272 0000021094E88890\nCurrentDirectory: C:\\Windows\\system32\\\nUser: NT AUTHORITY\\SYSTEM\nLogonGuid: {515cfcb9-156e-652a-e703-000000000000}\nLogonId: 0x3E7\nTerminalSessionId: 1\nIntegrityLevel: System\nHashes: MD5=DD5032EF160209E470E2612A8A3D5F59,SHA256=7FF00DE6D57E83E0A3D566935C7557F11F9B12270529582987FF14EE65502EA6,IMPHASH=7001337914CFB426620F508E54CDF72F\nParentProcessGuid: {515cfcb9-1589-652a-2b01-000000004e00}\nParentProcessId: 12088\nParentImage: C:\\Windows\\System32\\svchost.exe\nParentCommandLine: C:\\Windows\\system32\\svchost.exe -k netsvcs -p -s Appinfo\nParentUser: NT AUTHORITY\\SYSTEM","related":{"user":"SYSTEM","hash":["dd5032ef160209e470e2612a8a3d5f59","7ff00de6d57e83e0a3d566935c7557f11f9b12270529582987ff14ee65502ea6","7001337914cfb426620f508e54cdf72f"]},"hash":{"md5":"dd5032ef160209e470e2612a8a3d5f59","sha256":"7ff00de6d57e83e0a3d566935c7557f11f9b12270529582987ff14ee65502ea6","imphash":"7001337914cfb426620f508e54cdf72f"},"host":{"mac":["00:09:0f:fe:00:01","5e:08:50:95:ee:fd","a0:8c:fd:c0:21:09","00:ff:9b:fb:0e:60","00:50:56:c0:00:01","00:50:56:c0:00:08"],"name":"DESKTOP-R22JGEA","hostname":"DESKTOP-R22JGEA","architecture":"x86_64","os":{"kernel":"10.0.19041.3324 (WinBuild.160101.0800)","build":"19045.3324","type":"windows","platform":"windows","version":"10.0","family":"windows","name":"Windows 10 Pro"},"id":"515cfcb9-6bc2-4928-8660-8498bfa8d3c0","ip":["fe80::ee9d:e9aa:1ab7:9167","169.254.22.149","fe80::a170:ca71:9f4:5cc8","169.254.105.43","fe80::da2e:c851:afd7:4052","169.254.242.62","fe80::4e93:f6c1:5f09:5ef","192.168.1.34","fe80::50bf:85b5:3486:21ee","169.254.16.215","fe80::a87d:543e:1bec:2019","169.254.249.40","fe80::8901:4461:59fe:171e","192.168.107.1","fe80::aa84:baa5:273e:9786","192.168.101.1"]},"process":{"entity_id":"{515cfcb9-6ade-653f-3199-000000004e00}","executable":"C:\\Windows\\System32\\consent.exe","command_line":"consent.exe 12088 272 0000021094E88890","hash":{"sha256":"7ff00de6d57e83e0a3d566935c7557f11f9b12270529582987ff14ee65502ea6","md5":"dd5032ef160209e470e2612a8a3d5f59"},"pid":14208,"working_directory":"C:\\Windows\\system32\\","parent":{"executable":"C:\\Windows\\System32\\svchost.exe","command_line":"C:\\Windows\\system32\\svchost.exe -k netsvcs -p -s Appinfo","name":"svchost.exe","args":["C:\\Windows\\system32\\svchost.exe","-k","netsvcs","-p","-s","Appinfo"],"entity_id":"{515cfcb9-1589-652a-2b01-000000004e00}","pid":12088},"pe":{"original_file_name":"consent.exe","company":"Microsoft Corporation","description":"Consent UI for administrative applications","file_version":"10.0.19041.1865 (WinBuild.160101.0800)","product":"Microsoft® Windows® Operating System","imphash":"7001337914cfb426620f508e54cdf72f"},"name":"consent.exe","args":["consent.exe","12088","272","0000021094E88890"]},"user":{"id":"S-1-5-18","domain":"NT AUTHORITY","name":"SYSTEM"},"ecs":{"version":"1.12.0"}}
{"@timestamp":"2023-10-30T08:35:46.811Z","@metadata":{"beat":"winlogbeat","type":"_doc","version":"7.17.4"},"host":{"ip":["fe80::ee9d:e9aa:1ab7:9167","169.254.22.149","fe80::a170:ca71:9f4:5cc8","169.254.105.43","fe80::da2e:c851:afd7:4052","169.254.242.62","fe80::4e93:f6c1:5f09:5ef","192.168.1.34","fe80::50bf:85b5:3486:21ee","169.254.16.215","fe80::a87d:543e:1bec:2019","169.254.249.40","fe80::8901:4461:59fe:171e","192.168.107.1","fe80::aa84:baa5:273e:9786","192.168.101.1"],"name":"DESKTOP-R22JGEA","mac":["00:09:0f:fe:00:01","5e:08:50:95:ee:fd","a0:8c:fd:c0:21:09","00:ff:9b:fb:0e:60","00:50:56:c0:00:01","00:50:56:c0:00:08"],"hostname":"DESKTOP-R22JGEA","architecture":"x86_64","os":{"platform":"windows","version":"10.0","family":"windows","name":"Windows 10 Pro","kernel":"10.0.19041.3324 (WinBuild.160101.0800)","build":"19045.3324","type":"windows"},"id":"515cfcb9-6bc2-4928-8660-8498bfa8d3c0"},"message":"Process Create:\nRuleName: -\nUtcTime: 2023-10-30 08:35:46.811\nProcessGuid: {515cfcb9-6ae2-653f-3399-000000004e00}\nProcessId: 53040\nImage: C:\\Windows\\System32\\consent.exe\nFileVersion: 10.0.19041.1865 (WinBuild.160101.0800)\nDescription: Consent UI for administrative applications\nProduct: Microsoft® Windows® Operating System\nCompany: Microsoft Corporation\nOriginalFileName: consent.exe\nCommandLine: consent.exe 12088 272 0000021094E88760\nCurrentDirectory: C:\\Windows\\system32\\\nUser: NT AUTHORITY\\SYSTEM\nLogonGuid: {515cfcb9-156e-652a-e703-000000000000}\nLogonId: 0x3E7\nTerminalSessionId: 1\nIntegrityLevel: System\nHashes: MD5=DD5032EF160209E470E2612A8A3D5F59,SHA256=7FF00DE6D57E83E0A3D566935C7557F11F9B12270529582987FF14EE65502EA6,IMPHASH=7001337914CFB426620F508E54CDF72F\nParentProcessGuid: {515cfcb9-1589-652a-2b01-000000004e00}\nParentProcessId: 12088\nParentImage: C:\\Windows\\System32\\svchost.exe\nParentCommandLine: C:\\Windows\\system32\\svchost.exe -k netsvcs -p -s Appinfo\nParentUser: NT AUTHORITY\\SYSTEM","process":{"parent":{"executable":"C:\\Windows\\System32\\svchost.exe","command_line":"C:\\Windows\\system32\\svchost.exe -k netsvcs -p -s Appinfo","name":"svchost.exe","args":["C:\\Windows\\system32\\svchost.exe","-k","netsvcs","-p","-s","Appinfo"],"entity_id":"{515cfcb9-1589-652a-2b01-000000004e00}","pid":12088},"pe":{"company":"Microsoft Corporation","description":"Consent UI for administrative applications","file_version":"10.0.19041.1865 (WinBuild.160101.0800)","product":"Microsoft® Windows® Operating System","imphash":"7001337914cfb426620f508e54cdf72f","original_file_name":"consent.exe"},"name":"consent.exe","pid":53040,"executable":"C:\\Windows\\System32\\consent.exe","working_directory":"C:\\Windows\\system32\\","hash":{"md5":"dd5032ef160209e470e2612a8a3d5f59","sha256":"7ff00de6d57e83e0a3d566935c7557f11f9b12270529582987ff14ee65502ea6"},"entity_id":"{515cfcb9-6ae2-653f-3399-000000004e00}","command_line":"consent.exe 12088 272 0000021094E88760","args":["consent.exe","12088","272","0000021094E88760"]},"related":{"user":"SYSTEM","hash":["dd5032ef160209e470e2612a8a3d5f59","7ff00de6d57e83e0a3d566935c7557f11f9b12270529582987ff14ee65502ea6","7001337914cfb426620f508e54cdf72f"]},"hash":{"md5":"dd5032ef160209e470e2612a8a3d5f59","sha256":"7ff00de6d57e83e0a3d566935c7557f11f9b12270529582987ff14ee65502ea6","imphash":"7001337914cfb426620f508e54cdf72f"},"ecs":{"version":"1.12.0"},"agent":{"version":"7.17.4","hostname":"DESKTOP-R22JGEA","ephemeral_id":"2bcb455a-41cb-423f-a406-80e7852eeb80","id":"8721693d-644b-4276-8365-0395cf531d90","name":"DESKTOP-R22JGEA","type":"winlogbeat"},"winlog":{"computer_name":"DESKTOP-R22JGEA","event_data":{"LogonGuid":"{515cfcb9-156e-652a-e703-000000000000}","FileVersion":"10.0.19041.1865 (WinBuild.160101.0800)","IntegrityLevel":"System","ParentUser":"NT AUTHORITY\\SYSTEM","TerminalSessionId":"1","Company":"Microsoft Corporation","Product":"Microsoft® Windows® Operating System","Description":"Consent UI for administrative applications","LogonId":"0x3e7"},"event_id":"1","version":5,"api":"wineventlog","user":{"identifier":"S-1-5-18","domain":"NT AUTHORITY","name":"SYSTEM","type":"User"},"opcode":"Info","provider_guid":"{5770385f-c22a-43e0-bf4c-06f5698ffbd9}","channel":"Microsoft-Windows-Sysmon/Operational","record_id":355309,"task":"Process Create (rule: ProcessCreate)","process":{"pid":50376,"thread":{"id":52612}},"provider_name":"Microsoft-Windows-Sysmon"},"event":{"action":"Process Create (rule: ProcessCreate)","created":"2023-10-30T08:35:50.718Z","code":"1","module":"sysmon","type":["start","process_start"],"category":["process"],"kind":"event","provider":"Microsoft-Windows-Sysmon"},"log":{"level":"information"},"user":{"id":"S-1-5-18","domain":"NT AUTHORITY","name":"SYSTEM"}}
22 changes: 22 additions & 0 deletions certs/ca.crt
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDkTCCAnmgAwIBAgIUBSu/XAK3ioS8iRx+wMchtlc/zncwDQYJKoZIhvcNAQEL
BQAwWDELMAkGA1UEBhMCSVIxDDAKBgNVBAgMA1l6ZDEMMAoGA1UEBwwDWXpkMQ8w
DQYDVQQKDAZGYXJ6YW4xDDAKBgNVBAsMA0RldjEOMAwGA1UEAwwFbG9jYWwwHhcN
MjMwODA3MDcwMjM1WhcNMjQwODA2MDcwMjM1WjBYMQswCQYDVQQGEwJJUjEMMAoG
A1UECAwDWXpkMQwwCgYDVQQHDANZemQxDzANBgNVBAoMBkZhcnphbjEMMAoGA1UE
CwwDRGV2MQ4wDAYDVQQDDAVsb2NhbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOOrtx5vpmIDVoww7waV3xb5UAYXtZoAbcS3cJpQxZ6qkrhmhTZ0ePkf
3cY7lhDO7OZKmXzf4+0H/b1rzAGeBP0yXi1AvlWt9rsdXBe0C03rSkXzsYuwN5t3
KYG8CNrjVQqOeN5fSV1a6d9tKbb72FtHoRCo8+JsyXs9QAQayI4Jdj0LIxrpBcW/
jfOG2K89p3mlrPqZNubjaTbzK05Ecmx9NCITHZ8km35tGBJz9w4rZrrAk0Kreoy6
lnzxhBPV0m3iTjtYS0y95HkarPf1dYq4WGyT3wrKec+S3zOD30lDNaYDiZ5EAsV0
Zekim2WBBxSoBGHjynaF+u28Lx2dlIsCAwEAAaNTMFEwHQYDVR0OBBYEFNofAdnV
PU5ghmctndbKGOIUaAVmMB8GA1UdIwQYMBaAFNofAdnVPU5ghmctndbKGOIUaAVm
MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADJlNh0kHozJdDI4
9n96n5XvdsqswKLfJE7hUUIySGQmDfamJtoZQgQdolNINY00iSkXNdwPH0+QOKzh
TeVh02U9U+pBDkvRdNtP0mPC6IS4XsYQRU1Vr0pkaZHB0d6LzioJeoHNfRlKlFDQ
84qJ2RgTkSu1YRBsopgOe58DYuOMZPUZV+3MrbPu8F9WJ0aWZAg1mzvANrZp5l62
9U2fTZYEuUJjHiYUERebbeLNH9ie5YPLvpyVXvm1AJSe5qVgi/bDIy3tt7p0IMLS
qRB0nmS9fjsAaV9APJN0gSQny9oUsiAjfZwitqbKp4rdn+Jjz5inwESZ3rW1oCEQ
V0qJNbY=
-----END CERTIFICATE-----
22 changes: 22 additions & 0 deletions certs/client.crt
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDuTCCAqGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJJUjEM
MAoGA1UECAwDWXpkMQwwCgYDVQQHDANZemQxDzANBgNVBAoMBkZhcnphbjEMMAoG
A1UECwwDRGV2MQ4wDAYDVQQDDAVsb2NhbDAeFw0yMzA4MDcwNzAyMzhaFw0yNDA4
MDYwNzAyMzhaMEoxDjAMBgNVBAMMBWxvY2FsMQwwCgYDVQQIDANZemQxCzAJBgNV
BAYTAklSMQ8wDQYDVQQKDAZGYXJ6YW4xDDAKBgNVBAsMA0RldjCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMxuf9YZ1dt5L7K9aoIl7uvZG84zLS5Kofun
qcSPXqCYsV4Ad0k8D/5bVYS3cM+mXjvtS0C3YT88nfjcwnxcIl0KsUtN7BO7hxuR
w4PK6+qYklFPndn+IWUCqI3JIKvlbNy+arRARBM6k87alP8H5IB1OV7ngmwEuoeA
wSxRD1LRmTKKyULguF3hpU9Pqt2QX/cOAXXD/p/33eZ6WDQThxekjGwYPhnRLx/M
k8M9JcEiJHIn1+LPQG9HgcqgSFKFxbKEeaI9H65MxK4ksEE2L9hj/Cb02C5am7uK
43qoEzJHecy0Uur7uYTMRbklS2kLYGB+9Def9pypoMsSYaDgLlUCAwEAAaOBmzCB
mDAJBgNVHRMEAjAAMB0GA1UdDgQWBBSyQ7JPs+HFkwJ867DSmejKD2ZeNDAfBgNV
HSMEGDAWgBTaHwHZ1T1OYIZnLZ3WyhjiFGgFZjALBgNVHQ8EBAMCBaAwKQYDVR0f
BCIwIDAeoBygGoYYaHR0cDovL2xvZ3N0YXNoL3Jvb3QuY3JsMBMGA1UdEQQMMAqC
CGxvZ3N0YXNoMA0GCSqGSIb3DQEBCwUAA4IBAQDTmVoDY0ypRDFE6j/5lWj1QU5N
3GbdjS+3T0Fg5r+4pMthIulhVcMdEv1seqvaE56/FEH+3dQEbXl+jEfpJMoMpZVe
FeR75B/YZJ296ryaEZ+Cg+wZU5TPo09wE1KztYiR04yxxSyxa/v7HLiPIaeSuLKK
hTNq+fkAKzui/Cs4+HbWRKMl7ftNsD21TxJWwJejV3vTwZulgTT+otp5PDTjQzJn
pdvfWLmcTVE0BrVaoSvflOyS4BA7NoV+Fs00c/UhEoObxoIq1wpqvAAhawrb23kR
fwg1jmqrcfozkc/TeB3hne16hcl1YDj8i6tHJ96vgFNjLKkjOeImfGRDKo2v
-----END CERTIFICATE-----
28 changes: 28 additions & 0 deletions certs/client.key
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDMbn/WGdXbeS+y
vWqCJe7r2RvOMy0uSqH7p6nEj16gmLFeAHdJPA/+W1WEt3DPpl477UtAt2E/PJ34
3MJ8XCJdCrFLTewTu4cbkcODyuvqmJJRT53Z/iFlAqiNySCr5Wzcvmq0QEQTOpPO
2pT/B+SAdTle54JsBLqHgMEsUQ9S0ZkyislC4Lhd4aVPT6rdkF/3DgF1w/6f993m
elg0E4cXpIxsGD4Z0S8fzJPDPSXBIiRyJ9fiz0BvR4HKoEhShcWyhHmiPR+uTMSu
JLBBNi/YY/wm9NguWpu7iuN6qBMyR3nMtFLq+7mEzEW5JUtpC2BgfvQ3n/acqaDL
EmGg4C5VAgMBAAECggEAK9XO3hUknP7PmkNQ9Q7WvCZN9slU+Q3iTXCub7oxV3ze
XXJ6oY66PDeP7xkZnMEHCFER15LqzJE+K2iE4H8uFCbQjP3sru+BYUlAdABdVWy5
RSuuBJogRYVMKLj1oz5a+TtwbG2yWzAulQacN9JUrjHUpzO7rNdXuuoCIfNQtphe
DrAYIAtsl8ynmas3SBinwLuechneb1h2+XDsBUgPiGVzCbN9EPmfrmhRlKWmL4Kn
opqpI+Tc/GglQhisY28i+PSircf+8pcUknPWoJlUNHAEMFRM22qNFCKhCt+um+Yz
CYvXQc0Dt/ASSp7EHpAF7//Z2AL88wys1Ts/YEkVCQKBgQD4roHX9mH31Pq5+yTt
FWGEhfgC05i91TmljNuCTp9B+UdB/5OtNBlkwaOY48G1WD0PjJKsHDZWpWUKmc6O
QXI0oVWBYj1NXGmOkvKz0gZ4PlqNyHjralY6vWO98UcLfuobCTjejnfap5QL9DP+
BPOgZC0bP7yVaGTYvDFcNlEA7QKBgQDScqAxeHFjKeQTHRBLrHLdQaH9WFx+QcxK
ofQHQ/MAHh+U4inJEyzYlMQI6hblxl/GiTB9aPh5HG/9tKqkchT3boaa5erQJ6/r
EKBdzkRD2/XdGrioPiaN4FK+9yDVWzTpRKJpKOyJUnpH+aJp2DlZ8ThjMWAQCGLS
1dEsxgz+CQKBgAq9DmJTA1v+WG1biPar67AbUOBeXsQjxv99G6V+26WvrAIPlULv
cwFE01mwzBaWntxjB5pjBX2sWrageaju7o2TQev6YAdNLEm50r0tHpZmquZgd8hC
qUKUFxCGsLiwXE+akFgb8tUAU4ZIn04izJpqeQAqOmyBO4mYZtFCjzDpAoGAXnsl
3m/zgBC7m7UtrrvCagFgZ6x3AhwqSsuBEo34F/JuPVp4ZhTcynOnu1TVaN1x/GF1
SqiI/V6+DMpC3kd1kEyn0/0rOb7HpSI2zUagsVKchGLNyoL0rjerDp9Gt2MWUzAE
NnAwGcrUqWGzABAaV34L0cTGGwyYyY1DNvXHuXkCgYEA4bWz4p1+iUHgJi7vQJ1K
7c6UYwNXIesaV+MNF2ZGwBHYkUc1tz1L1EexIm3YpCtuyoHxsMen10ZwmPe3EYof
r7ZvNco3rIVNrqnSrCI2tkquVRPygKDZF84mjgVGWqZ3xPNE4Wkmg8LMoMxWQfd6
2xNqX61V7olxDmteEH4JNBU=
-----END PRIVATE KEY-----
7 changes: 7 additions & 0 deletions go.mod
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
module github.com/mrtdeh/testeps

go 1.20

require github.com/elastic/go-lumber v0.1.1

require github.com/klauspost/compress v1.11.2 // indirect
4 changes: 4 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
github.com/elastic/go-lumber v0.1.1 h1:aae5rSBnwBvdB0aShJ7AbOYPyvP1/wS/JIOC1A4D1DM=
github.com/elastic/go-lumber v0.1.1/go.mod h1:DMVoFv7YM71enE9X5vWJWWv7wvQNtzXh7bPeKukDccY=
github.com/klauspost/compress v1.11.2 h1:MiK62aErc3gIiVEtyzKfeOHgW7atJb5g/KNX5m3c2nQ=
github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
9 changes: 9 additions & 0 deletions logs.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{
"sources":[

{"name":"windows","proto" :"beats","port":50441,"tls":false,"path":"./Logs/windows.json"},
{"name":"windows-tls","proto" :"beats","port":50442,"tls":true,"path":"./Logs/windows.json"},
{"name":"test-tcp","proto" :"tcp","port":8585,"tls":false,"path":"./Logs/test.log"},
{"name":"test-udp","proto" :"udp","port":8686,"tls":false,"path":"./Logs/test.log"}
]
}
Loading

0 comments on commit 532eb9d

Please sign in to comment.