https://github.com/psmths/ingest-procmon

Python script to index SysInternals procmon CSV exports into elasticsearch
https://github.com/psmths/ingest-procmon

analysis elastic elasticsearch procmon sysinternals

Last synced: about 2 months ago
JSON representation

Python script to index SysInternals procmon CSV exports into elasticsearch

Host: GitHub
URL: https://github.com/psmths/ingest-procmon
Owner: Psmths
Created: 2023-05-03T22:26:51.000Z (almost 2 years ago)
Default Branch: master
Last Pushed: 2023-05-03T22:26:54.000Z (almost 2 years ago)
Last Synced: 2025-01-17T03:28:51.837Z (3 months ago)
Topics: analysis, elastic, elasticsearch, procmon, sysinternals
Language: Python
Homepage:
Size: 18.6 KB
Stars: 0
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# ingest-procmon

This is a utility to quickly index Procmon exports into elasticsearch. It should be able to handle whatever columns you have selected, these are the ones that I use personally that work with this script:

![Procmon Column Settings](/media/columns.png)

Just edit the configuration YAML file as appropriate, rename it to `config.yml` and you should be good to go! The appropriate mappings have already been defined in `procmon-mapping.json`.

## Usage

```
python3 .\ingest-procmon.py --help
usage: ingest-procmon.py [-h] [--file FILE] [--index INDEX]

optional arguments:
-h, --help show this help message and exit
--file FILE The Procmon CSV logfile to index into elasticsearch
--index INDEX The index to index documents into. If not selected, the index
specified in configuration will be used.
```

### Example

```
python3 ./ingest-procmon.py --file sampledata.csv --index procmon-sample-data
```

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/psmths/ingest-procmon

Awesome Lists containing this project

README