This is the next point release of Velociraptor. This release introduces a number of new features as well as bug fixes and performance enhancements. Thanks everyone for reporting issues through the issue board and Discord!

New Features

• Create a WriteEvent() API to allow API Clients to push events to the server. This appears as part of the normal client monitoring artifacts and can be watched for by the server.
• Many performance optimizations - By default we now optimized for 10k endpoints but it is configurable.
• Ring buffer location is now OS dependent
• Added some remediation artifacts

Bug fixes

• Path minipulation is now more correct - can fully handle path components with path separators in them (e.g. registry keys with / and values with / or \ ).