ConnArtist is a simplified PowerShell script for monitoring network connections on individual machines, allowing security analysts and tech support to efficiently assess network activity. It logs active TCP connections along with their associated processes and optionally captures DNS queries, providing clear logs while filtering out local IP traffic. Users can customize monitoring through simple prompts and use features like duplicate detection to keep the logs free of repeated entries. The captured data is stored in an organized manner for easy referencing, making ConnArtist a lightweight alternative to complex tools like Wireshark.
ConnArtist is a streamlined, intuitive PowerShell script designed for monitoring network connections on a single endpoint, perfect for security checks and diagnostic tasks.
With ConnArtist, security analysts and sysadmins can swiftly identify unexpected or problematic network activities without needing heavyweight tools like Wireshark.
The script asks users whether to filter local traffic and whether to capture DNS queries, and adjusts its monitoring based on their answers to keep the logs manageable.
Data captured by ConnArtist is neatly formatted with TCP connections logged to tcp_log.txt and DNS queries to dns_log.txt, ensuring concise and useful logs.
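The TCP side of the approach described above can be sketched in a few lines of PowerShell. This is an added example, not ConnArtist's own code: the parameter names, the polling interval, the use of Get-NetTCPConnection, and the definition of "local" (loopback, RFC 1918, link-local and IPv6 unique-local ranges) are assumptions; only the tcp_log.txt file name comes from the description.

```powershell
# Added example (not ConnArtist's code): poll established TCP connections,
# resolve the owning process, optionally skip local peers, log each unique entry once.
param(
    [switch]$FilterLocal,                  # assumed name: skip loopback/private/link-local peers
    [string]$LogPath = '.\tcp_log.txt',    # log file name taken from the description
    [int]$IntervalSeconds = 5,             # assumed polling interval
    [int]$Iterations = 12                  # assumed run length (12 x 5 s = 1 minute)
)

function Test-LocalAddress {
    param([string]$Address)
    $ip = [System.Net.IPAddress]::None
    if (-not [System.Net.IPAddress]::TryParse($Address, [ref]$ip)) { return $false }
    if ([System.Net.IPAddress]::IsLoopback($ip)) { return $true }
    if ($ip.IsIPv4MappedToIPv6) { $ip = $ip.MapToIPv4() }
    $b = $ip.GetAddressBytes()
    if ($ip.AddressFamily -eq 'InterNetworkV6') {
        # fe80::/10 link-local or fc00::/7 unique-local
        return $ip.IsIPv6LinkLocal -or (($b[0] -band 0xFE) -eq 0xFC)
    }
    return ($b[0] -eq 10) -or
           ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
           ($b[0] -eq 192 -and $b[1] -eq 168) -or
           ($b[0] -eq 169 -and $b[1] -eq 254)
}

# Duplicate detection: one log line per (process, remote endpoint) pair.
# The local ephemeral port is left out of the key so reconnects are not re-logged.
$seen = [System.Collections.Generic.HashSet[string]]::new()

for ($i = 0; $i -lt $Iterations; $i++) {
    foreach ($c in Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue) {
        if ($FilterLocal -and (Test-LocalAddress $c.RemoteAddress)) { continue }

        # The process may exit between enumeration and lookup; record it as unknown.
        $proc = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue
        $name = if ($proc) { $proc.ProcessName } else { 'unknown' }

        $key = '{0}|{1}|{2}|{3}' -f $c.OwningProcess, $name, $c.RemoteAddress, $c.RemotePort
        if ($seen.Add($key)) {
            '{0:o} {1} (PID {2}) {3}:{4} -> {5}:{6}' -f (Get-Date), $name, $c.OwningProcess,
                $c.LocalAddress, $c.LocalPort, $c.RemoteAddress, $c.RemotePort |
                Add-Content -Path $LogPath
        }
    }
    Start-Sleep -Seconds $IntervalSeconds
}
```

Polling misses connections that open and close between samples, so a log like this is a triage aid rather than a complete record of traffic.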