Currently trialling Threatlocker which is an application whitelisting channel product. They have an integration with Splunk it would be good to see if the log data can be ingested into Perch from this.