https://github.com/tstromberg/esl

Consume EndpointSecurity events on macOS via eslogger
https://github.com/tstromberg/esl

endpointsecurity esl macos

Last synced: 8 months ago
JSON representation

Consume EndpointSecurity events on macOS via eslogger

• Host: GitHub
• URL: https://github.com/tstromberg/esl
• Owner: tstromberg
• License: apache-2.0
• Created: 2023-05-07T15:57:29.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2023-05-07T16:36:48.000Z (about 3 years ago)
• Last Synced: 2024-11-12T06:33:43.164Z (over 1 year ago)
• Topics: endpointsecurity, esl, macos
• Language: Go
• Homepage:
• Size: 13.7 KB
• Stars: 4
• Watchers: 2
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# esl

Consume EndpointSecurity events on macOS via eslogger(1)

## Usage

This is mostly an experimental library for consuming EndpointSecurity events from Go, but we also provide an example command-line.

Will show you information on file open calls:

```shell

go install github.com/tstromberg/esl/cmd/esl@latest

esl open

```

## Note

The `eslogger(1)` commannd provided by Apple is not designed to be a stable API. YMMV.