LimaCharlie

The Artifact Collection system allows you to ingest artifact types like:

- Plain text logs (syslog for example)
- Windows Event Logs
- PCAPs
- Windows Prefetch files
- Windows PE (executables) files
- Zeek (previously Bro)
- Full memory dumps
- Generic JSON
- OLE (MS Word, Excel etc)
- Windows MFT CSV Listing

Those artifacts can be ingested from hosts running a LimaCharlie sensor, or they can be pushed to the LimaCharlie platform via a REST interface.

To learn more about the LimaCharlie's artifact collection capabilities, visit our <a href="https://doc.limacharlie.io/docs/documentation/ZG9jOjE5MzExMDY-artifact-collectionundefined" target="_blank" rel="nofollow noopener noreferrer">technical documentation</a>. To access a step-by-step guide about bringing the Windows Event Logs into LimaCharlie, visit <a href="https://help.limacharlie.io/en/articles/5687558-how-do-i-get-windows-event-logs-wel-into-limacharlie" target="_blank">this help center article</a>. 

How do I get external artifacts ingested into LimaCharlie?

Technical Documentation

Slack Community

Course

GitHub

Swagger Doc

Release Notes

Find answers and get help from Intercom Support and Community Experts