Vincent Ruello

> Hello, thank you for fast response. Passing full traffic dump will be pretty hard to approve, but the only readable part of it is here: > > > POST...

Hi @cdjkee! Thanks for all those details. I don't know why your server is using `Negotiate` rather than `Kerberos` authentication method. * Could you check if the `Kerberos` auth method...

Hey! I'm glad it's working for you now :-) I could reproduce the behavior by configuring `TrustedHosts=*`, nice catch! So my patch did not work, but I fixed it and...

Hello! At the moment, we have no plans to implement a gRPC stream output driver. However, we are open to contributions! You can take a look at the [outputs documentation](https://github.com/cea-sec/openwec/blob/main/doc/outputs.md#how-to-add-a-new-driver-)...

Hi! Could you check if the missing events exist locally on the Windows machine using Event Viewer? > Configured successfully and receiving events, but loosing events that were generated during...

Interesting! I'll try to reproduce this on my own. In the meantime, could you try to reproduce the issue with the openwec log level set to `trace` and share openwec...

Thanks! So, according to `openwec-trace.log`: * 11:32:55Z: The first EnumerateResponse sent by openwec contains the bookmark: ``. * 11:32:58Z: 2 events are received (28815 and 28816). Bookmark is set to...

Could you also share the content of the following channels between 12:25:00Z and 12:30:00Z? * `Applications and Services Logs\Microsoft\Windows\Eventlog-ForwardingPlugin` * `Applications and Services Logs\Microsoft\Windows\Windows Remote Management`

I was able to reproduce the issue in one of my labs, with a Windows 11 Pro client that authenticates to openwec using TLS. However, the problem does not seem...

I have made some progress. * I could not reproduce the behavior in an AD environment. Everything seems to be working as expected, which is reassuring. * In the AD...