Skip to content

Nick-C/Sysmon-Installer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

AppDeployToolkit

AppDeployToolkit

 
 

Files

Files

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

Deploy-Application.exe

Deploy-Application.exe

 
 

Deploy-Application.exe.config

Deploy-Application.exe.config

 
 

Deploy-Application.ps1

Deploy-Application.ps1

 
 

README.md

README.md

 
 

Repository files navigation

Sysmon Deployment

This uses the Powershell App Deployment Toolkit to handle installing and uninstalling Sysmon.

All the code changes are in the Deploy-Application.ps1 file.

Everything else is included for the sake of completeness.

Included sample Sysmon config is from https://github.com/SwiftOnSecurity/sysmon-config

Included Powershell App Deployment Toolkit is version 3.6.9

Included Sysmon.exe is version 6.03

Usage

As with any standard PS App Toolkit, you can call it via either the included .exe or .ps1 This is best installed silently, if you want to show any user popups you will need to modify Deploy-Application.ps1 accordingly.

Installation

Deploy-Application.ps1 -DeploymentType "Install" -DeployMode "Silent"

or

Deploy-Application.exe -DeploymentType "Install" -DeployMode "Silent"

Uninstallation

Deploy-Application.ps1 -DeploymentType "UnInstall" -DeployMode "Silent"

or

Deploy-Application.exe -DeploymentType "UnInstall" -DeployMode "Silent"

About

A Sysmon Install script using the Powershell Application Deployment Toolkit

Topics

windows logging sysmon netsec powershell-script sysinternals

Resources

Readme
Activity

Stars

4 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages