AutoLogger simplifies logging in .NET solutions without adding overhead to your code
SemanticLogging.Database.Xml is a sink for the Semantic Logging Application Block that exposes Event Source events to an Sql Server database. The payload data is stored in an xml document instead of a Json document
SigmaEye is a Windows process monitoring toolkit that integrates ETW and user-level monitoring with Sigma rules. It detects suspicious process behavior, LOLBins usage, and potential threats in real-time. Features include dual monitoring, DLL injection tracking, and customizable detection rules. Requires admin privileges for ETW monitoring.
A ReflectInsight Extension that receives logged messages from Semantic Logging (ETW) framework
Python logging via Event Tracing for Windows (ETW)
Open source HIDS tailored for Microsoft Windows and Active Directory
entSourceGenerator automatically generates ETW EventSources for C# .NET projects
Real-time ransomware detection and monitoring tool for Windows using ETW, with a Python (Flask) backend, Angular dashboard, and Redis-based event pipeline for scoring, alerting, and automated response actions.
An ETW EventSource analyzer build on .Net Standard 2.0
A clean architecture, DDD-based solution for parsing ETW (Event Tracing for Windows) ETL files.
Greathelm is a modular Windows security service focused on process inspection, PowerShell telemetry, and automated response enforcement. It’s built entirely in C++ and designed for minimal dependencies, direct API usage.
ETW Collector for Microsoft-Extensions-Logging
Amazing Latency Performance Audit
Incident Response Blue-Team tool detecting untrusted processes accessing sensitive data using ETW
System Activity Monitor (SAM) is a research tool that enables detailed recording of system and application behavior and resource usage.
Add a description, image, and links to the etw topic page so that developers can more easily learn about it.
To associate your repository with the etw topic, visit your repo's landing page and select "manage topics."