Community Coverage

This page includes links to community-supplied articles and other resources involving the SOF-ELK® VM and/or overall project.

All content on the linked pages is owned by their respective authors, not any maintainer of the SOF-ELK project or this wiki.

• Bedang Sen provided an excellent writeup on creating a custom parser for SOF-ELK to handle new, unique, or as-of-yet unhandled input data formats.
  • Embark on a Custom Parser Journey: Unleashing the Power of SOF-ELK®
• A three-part blog series from Patterson Cake at Black Hills Information Security detailing several use cases for SOF-ELK with the Microsoft 365 Unified Audit Log (UAL).
  • Wrangling the M365 UAL with PowerShell and SOF-ELK (Part 1 of 3)
  • Wrangling the M365 UAL with SOF-ELK on EC2 (Part 2 of 3)
  • Wrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3)