📄️ Eolh Events
Eolh.trace.Event
📄️ Signatures
In Eolh, detection rules are implemented as Signatures. Eolh's Signature is almost identical to Tracee's Signature, except that it deals with ETW Events.
📄️ CLI Flags
Eolh CLI has the following cli options: