- fixes skips filtering on Windows 7 (fs / dll events)
- kstreamc now keeps a separate thread map to bind a thread to its process
0.7.1
- spying on a specific process image (`--image` flag)
- file system output
- configuration file validation through schema definition
- fixed C to Python data type castings
0.7.0
- integration with YARA tool
- standalone Windows installer
- minor bug fixes and code refactoring
0.6.1
- support for `RenameFile` and `SetFileInformation` kernel events
- `pid` and `file_object` fields in file system events
- filament processing in thread context
- several bug fixes
0.6.0
- high performance GIL-free kernel event stream collector
- image meta registry provides PE (Portable Executable) headers, sections, imports, file information, etc.
- streaming kernel events to multiple output sinks
- switched to `logbook` for detailed startup logging info
0.4.1
- authentication support for elasticsearch output adapter