Skip to content
/ sysmon-config Public
forked from threathunting/sysmon-config

Sysmon configuration file template from SwiftOnSecurity with a few PRs merged and install/updates scripts from threathunting.

1 star 1.7k forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

chalvorson/sysmon-config

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

132 Commits

Auto_update.bat

Auto_update.bat

 
 

README.md

README.md

 
 

install_sysmon.bat

install_sysmon.bat

 
 

sysmonconfig-export.xml

sysmonconfig-export.xml

 
 

Repository files navigation

sysmon-config

Credits to SwiftOnSecurity, ion-storm, ThreatHunting, Beahunt3r, ThisIsNotTheUserYouAreLookingFor, d4rk-d4nph3, Neo23x0, MaxNad, mdunten, and qz8xTD for providing the base fork of this config. Incremental changes have been made to meet my specific needs. Feel free to use or send a pull request.

Source projects:

Use

Auto-Install with Auto Update Script:

Run with administrator rights

install_sysmon.bat

Uninstall

Run with administrator rights

sysmon.exe -u

Event Log Location

All sysmon events are written to

C:\Windows\System32\winevt\Logs\Microsoft-Windows-Sysmon%4Operational.evtx

About

Sysmon configuration file template from SwiftOnSecurity with a few PRs merged and install/updates scripts from threathunting.

Topics

windows logging sysmon sysinternals

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Batchfile 100.0%