.env
.gitattributes
.gitignore
CHANGELOG.md
CONTRIBUTING.md
DATASHEET.md
Dockerfile
Doxyfile
LICENSE.AGPL-3.0.md
LICENSE.GULP.md
LICENSE.md
MANIFEST.in
README.md
checkout_branch.sh
docker-compose.yml
docker-entrypoint.sh
gulp.code-workspace
gulp_cfg_template.json
logo.svg
prometheus.yml
pyproject.toml
reset_docker.sh
screenshot-1.png
screenshot-2.png
screenshot-3.png
update_requirements_txt.sh
.devcontainer/Dockerfile
.devcontainer/devcontainer.json
.devcontainer/devsetup.sh
.devcontainer/docker-compose.yml
.github/copilot-instructions.md
.github/ISSUE_TEMPLATE/bug_report.md
.github/ISSUE_TEMPLATE/feature_request.md
.github/workflows/docker-ci.yml
.github/workflows/python-package.yml
collab_migrate/example_migrate_collab.py
collab_migrate/1.5.1/migrate.py
collab_migrate/1.6.6/migrate.py
docs/architecture.md
docs/install_dev.md
docs/install_docker.md
docs/integration.md
docs/observability.md
docs/plugins_and_mapping.md
docs/query.md
docs/testing.md
docs/troubleshooting.md
docs/plugins/ai_assistant.md
docs/plugins/bridge_manager.md
docs/plugins/csv.py.md
docs/plugins/enrich_abuse.md
docs/plugins/enrich_circl_hash.md
docs/plugins/json.py.md
docs/plugins/otel_receiver.md
docs/plugins/query_elasticsearch.md
docs/plugins/regex.py.md
docs/plugins/win_pe.py.md
docs/plugins/zip.py.md
samples/apache_clf/access.log
samples/apache_clf/error.log
samples/chrome_history_sqlite_stacked/History
samples/chrome_webdata_sqlite_stacked/Web Data
samples/eml/sample.eml
samples/iis_access/iis.log
samples/iis_access_ncsa/iis_ncsa.log
samples/iis_access_w3c/iis_w3c.log
samples/json/generate_list.py
samples/json/jsondict.json
samples/json/jsonline.json
samples/json/jsonlist.json
samples/json/test_list.json
samples/lin_syslog/auth.log
samples/lin_syslog/syslog
samples/mbox/sample.mbox
samples/memprocfs/ntfs_files.txt
samples/memprocfs/timeline_all.txt
samples/memprocfs/timeline_little.txt
samples/memprocfs/web.txt
samples/mftecmd/sample_j.csv
samples/mftecmd/sample_record.csv
samples/mysql_error/mysql_error.log
samples/mysql_general/example.general.log
samples/pcap/220614_ip_flags_google.pcapng
samples/pfsense/filter.log
samples/sqlite/chrome_history
samples/sqlite/chrome_webdata
samples/suricata/eve.json
samples/suricata/eve_long.json
samples/suricata/fast.log
samples/systemd_journal/system.journal
samples/teamviewer/connections_incoming.txt
samples/win_evtx/2-system-Microsoft-Windows-LiveId%4Operational.evtx
samples/win_evtx/2-system-Security-dirty.evtx
samples/win_evtx/2-vss_0-Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Operational.evtx
samples/win_evtx/2-vss_0-Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx
samples/win_evtx/2-vss_7-System.evtx
samples/win_evtx/Application.evtx
samples/win_evtx/Application_no_crc32.evtx
samples/win_evtx/Archive-ForwardedEvents-test.evtx
samples/win_evtx/E_ShadowCopy6_windows_system32_winevt_logs_Microsoft-Windows-CAPI2%4Operational.evtx
samples/win_evtx/E_Windows_system32_winevt_logs_Microsoft-Windows-CAPI2%4Operational.evtx
samples/win_evtx/E_Windows_system32_winevt_logs_Microsoft-Windows-Shell-Core%4Operational.evtx
samples/win_evtx/MSExchange_Management_wec.evtx
samples/win_evtx/Microsoft-Windows-HelloForBusiness%4Operational.evtx
samples/win_evtx/Microsoft-Windows-LanguagePackSetup%4Operational.evtx
samples/win_evtx/Security_short_selected.evtx
samples/win_evtx/issue_201.evtx
samples/win_evtx/new-user-security.evtx
samples/win_evtx/post-Security.evtx
samples/win_evtx/sample-with-irregular-bool-values.evtx
samples/win_evtx/sample_with_a_bad_chunk_magic.evtx
samples/win_evtx/security.evtx
samples/win_evtx/security_big_sample.evtx
samples/win_evtx/sysmon.evtx
samples/win_evtx/system.evtx
samples/win_reg/NTUSER.DAT
samples/zeek/conn.log
samples/zeek/dce_rpc.log
samples/zeek/dhcp.log
samples/zeek/dns.log
samples/zeek/files.log
samples/zeek/ftp.log
samples/zeek/http.log
samples/zeek/irc.log
samples/zeek/kerberos.log
samples/zeek/known_certs.log
samples/zeek/known_hosts.log
samples/zeek/known_services.log
samples/zeek/ldap.log
samples/zeek/ldap_search.log
samples/zeek/notice.log
samples/zeek/ntlm.log
samples/zeek/ntp.log
samples/zeek/packet_filter.log
samples/zeek/pe.log
samples/zeek/postgresql.log
samples/zeek/quic.log
samples/zeek/rdp.log
samples/zeek/smb_files.log
samples/zeek/smb_mapping.log
samples/zeek/smtp.log
samples/zeek/software.log
samples/zeek/ssh.log
samples/zeek/ssl.log
samples/zeek/traceroute.log
samples/zeek/tunnel.log
samples/zeek/weird.log
samples/zeek/x509.log
src/gulp/__init__.py
src/gulp/__main__.py
src/gulp/_version.py
src/gulp/config.py
src/gulp/gulp.py
src/gulp/plugin.py
src/gulp/process.py
src/gulp/structs.py
src/gulp/api/collab_api.py
src/gulp/api/opensearch_api.py
src/gulp/api/prometheus_api.py
src/gulp/api/redis_api.py
src/gulp/api/s3_api.py
src/gulp/api/server_api.py
src/gulp/api/ws_api.py
src/gulp/api/collab/__init__.py
src/gulp/api/collab/context.py
src/gulp/api/collab/enhance_doc_map.py
src/gulp/api/collab/field_types_entry.py
src/gulp/api/collab/glyph.py
src/gulp/api/collab/highlight.py
src/gulp/api/collab/link.py
src/gulp/api/collab/mapping_parameters.py
src/gulp/api/collab/note.py
src/gulp/api/collab/operation.py
src/gulp/api/collab/source.py
src/gulp/api/collab/source_field_types.py
src/gulp/api/collab/stats.py
src/gulp/api/collab/structs.py
src/gulp/api/collab/user.py
src/gulp/api/collab/user_group.py
src/gulp/api/collab/user_session.py
src/gulp/api/collab/assets/__init__.py
src/gulp/api/collab/assets/icons.txt
src/gulp/api/mapping/__init__.py
src/gulp/api/mapping/models.py
src/gulp/api/mapping/index_template/__init__.py
src/gulp/api/mapping/index_template/template.json
src/gulp/api/mapping/templates/__init__.py
src/gulp/api/mapping/templates/ecs_template.json
src/gulp/api/opensearch/__init__.py
src/gulp/api/opensearch/filters.py
src/gulp/api/opensearch/sigma.py
src/gulp/api/opensearch/structs.py
src/gulp/api/server/__init__.py
src/gulp/api/server/db.py
src/gulp/api/server/enrich.py
src/gulp/api/server/glyph.py
src/gulp/api/server/highlight.py
src/gulp/api/server/ingest.py
src/gulp/api/server/link.py
src/gulp/api/server/note.py
src/gulp/api/server/object_acl.py
src/gulp/api/server/operation.py
src/gulp/api/server/query.py
src/gulp/api/server/server_utils.py
src/gulp/api/server/storage.py
src/gulp/api/server/structs.py
src/gulp/api/server/user.py
src/gulp/api/server/user_group.py
src/gulp/api/server/utility.py
src/gulp/api/server/ws.py
src/gulp/mapping_files/__init__.py
src/gulp/mapping_files/apache_access_clf.json
src/gulp/mapping_files/apache_error_clf.json
src/gulp/mapping_files/autopsy_usbdevices.json
src/gulp/mapping_files/autopsy_webform_autofill.json
src/gulp/mapping_files/autopsy_webhistory.json
src/gulp/mapping_files/chrome_history.json
src/gulp/mapping_files/chrome_webdata.json
src/gulp/mapping_files/firefox_sqlite.json
src/gulp/mapping_files/hayabusa_csv.json
src/gulp/mapping_files/jlecmd_csv.json
src/gulp/mapping_files/lecmd_csv.json
src/gulp/mapping_files/lin_syslog.json
src/gulp/mapping_files/mem_proc_fs.json
src/gulp/mapping_files/mftecmd_csv.json
src/gulp/mapping_files/otel.json
src/gulp/mapping_files/pcap.json
src/gulp/mapping_files/pecmd_csv.json
src/gulp/mapping_files/plaso_csv.json
src/gulp/mapping_files/recent_file_cache_parser_csv.json
src/gulp/mapping_files/srumecmd.json
src/gulp/mapping_files/suricata.json
src/gulp/mapping_files/systemd_journal.json
src/gulp/mapping_files/volatility_csv.json
src/gulp/mapping_files/wazuh.json
src/gulp/mapping_files/windows.json
src/gulp/mapping_files/zeek.json
src/gulp/plugins/__init__.py
src/gulp/plugins/apache_access_clf.py
src/gulp/plugins/apache_error_clf.py
src/gulp/plugins/chrome_history_sqlite_stacked.py
src/gulp/plugins/chrome_webdata_sqlite_stacked.py
src/gulp/plugins/csv.py
src/gulp/plugins/eml.py
src/gulp/plugins/enrich_abuse.py
src/gulp/plugins/enrich_circl_hash.py
src/gulp/plugins/enrich_example.py
src/gulp/plugins/enrich_whois.py
src/gulp/plugins/iis_access.py
src/gulp/plugins/iis_access_ncsa.py
src/gulp/plugins/iis_access_w3c.py
src/gulp/plugins/json.py
src/gulp/plugins/lin_syslog.py
src/gulp/plugins/mbox.py
src/gulp/plugins/mem_proc_fs.py
src/gulp/plugins/mem_proc_fs_ntfs.py
src/gulp/plugins/mem_proc_fs_web.py
src/gulp/plugins/mysql_error.py
src/gulp/plugins/mysql_general.py
src/gulp/plugins/pcap.py
src/gulp/plugins/pfsense.py
src/gulp/plugins/query_elasticsearch.py
src/gulp/plugins/raw.py
src/gulp/plugins/regex.py
src/gulp/plugins/sqlite.py
src/gulp/plugins/stacked_example.py
src/gulp/plugins/stacked_on_stacked_example.py
src/gulp/plugins/suricata_fast_log.py
src/gulp/plugins/systemd_journal.py
src/gulp/plugins/teamviewer_regex_stacked.py
src/gulp/plugins/win_evtx.py
src/gulp/plugins/win_pe.py
src/gulp/plugins/win_reg.py
src/gulp/plugins/zip.py
src/gulp/plugins/extension/__init__.py
src/gulp/plugins/extension/ai_assistant.py
src/gulp/plugins/extension/bridge_manager.py
src/gulp/plugins/extension/example_chunk_callbacks.py
src/gulp/plugins/extension/example_extension.py
src/gulp/plugins/extension/otel_receiver.py
src/gulp/plugins/ui/example_ui_plugin.tsx
src/gulp/plugins/ui/example_ui_plugin.tsx.json
src/gulp/plugins/ui/example_ui_send_data_plugin.tsx
src/gulp/plugins/ui/example_ui_send_data_plugin.tsx.json
src/mentat_gulp.egg-info/PKG-INFO
src/mentat_gulp.egg-info/SOURCES.txt
src/mentat_gulp.egg-info/dependency_links.txt
src/mentat_gulp.egg-info/entry_points.txt
src/mentat_gulp.egg-info/requires.txt
src/mentat_gulp.egg-info/top_level.txt
test_scripts/__init__.py
test_scripts/count_data_chunk.py
test_scripts/count_json.py
test_scripts/count_lines.py
test_scripts/count_strings.py
test_scripts/create_mutated_raw.py
test_scripts/evtx_count.py
test_scripts/ingest.py
test_scripts/ingest_raw.py
test_scripts/log_into_devcontainer.sh
test_scripts/query_external.py
test_scripts/run_tests.sh
tests/__init__.py
tests/conftest.py
tests/sigma_match_all.yml
tests/sigma_windows.zip
tests/sigma_windows_small.zip
tests/test_ingest_zip.zip
tests/e2e/test_workflows.py
tests/integration/test_acl.py
tests/integration/test_auth.py
tests/integration/test_collab.py
tests/integration/test_db.py
tests/integration/test_enrich.py
tests/integration/test_ingest_win_evtx.py
tests/integration/test_operations.py
tests/integration/test_plugins.py
tests/integration/test_queries.py
tests/integration/test_storage.py
tests/integration/test_stress.py
tests/integration/test_users.py
tests/integration/test_ws_collab_notifications.py
tests/integration/test_ws_notifications_wait.py
tests/integration/test_ws_user_notifications.py
tests/unit/test_ws_api.py
tests_old/README.md
tests_old/__init__.py
tests_old/smoke_test.sh
tests_old/test_db.py
tests_old/test_glyph.py
tests_old/test_highlight.py
tests_old/test_link.py
tests_old/test_note.py
tests_old/test_operation.py
tests_old/test_storage.py
tests_old/test_tag_documents.py
tests_old/test_user.py
tests_old/test_user_group.py
tests_old/test_utility.py
tests_old/test_ws_client_data.py
tests_old/user.png
tests_old/enrich/test_enrich_abuse.py
tests_old/enrich/test_enrich_circl_hash.py
tests_old/enrich/test_enrich_whois.py
tests_old/extension/__init__.py
tests_old/extension/test_ai_assistant.py
tests_old/ingest/__init__.py
tests_old/ingest/raw_chunk.json
tests_old/ingest/test_ingest.py
tests_old/ingest/test_ingest_zip.zip
tests_old/query/__init__.py
tests_old/query/test_query_api.py
tests_old/query/test_query_external_elasticsearch.py
tests_old/query/test_query_external_wazuh.py
tests_old/query/sigma/Microsoft-Windows-Sysmon%4Operational.evtx
tests_old/query/sigma/Microsoft-Windows-Windows Defender%4Operational.evtx
tests_old/query/sigma/match_all.yaml
tests_old/query/sigma/match_some.yaml
tests_old/query/sigma/match_some_more.yaml
tests_old/query/sigma/win_defender_threat.yml
tests_old/query/sigma/windefend_test.yml
tests_old/query/sigma/windows.zip
tests_old/query/sigma/windows_small.zip