SwiftOnSecurity/sysmon-config
Sysmon configuration file template with default high-quality event tracing
4.65k stars, 1.68k forks
issues
Loldrivers extension
#193
khulnasoft-bot
opened
1 week ago
0
Where are Windows Event ID???
#192
piExpr
opened
2 weeks ago
0
LSA Credential Guard
#191
piExpr
opened
2 weeks ago
0
Sysmonconfig XML error log when attempting to install.
#190
SysAdminNoob
opened
4 months ago
0
Can help show me the code how to sysmon use eventID 23, 26?
#189
sokvathana
opened
6 months ago
1
sysmon erroneous sysmon not installed error
#188
snsdevelopment2
opened
11 months ago
0
Add overview documentation for Sysmon configuration
#187
jsypower
opened
11 months ago
0
Patch FileCreate include - Capture .xsl instead of .xls
#186
jsypower
opened
11 months ago
0
Sysmon Installation Issue - wevtutil.exe returned failure
#185
FleetwoodBat
opened
11 months ago
2
Exclude _PSSCRIPTPOLICYTEST_xxxxx.ps1 in fullfilepath in AppLocker events from forwarding to WEC
#184
divadiow
opened
1 year ago
0
Sysmon v15.0 & 29 Events
#183
Achi79
opened
1 year ago
2
Loldrivers extension
#182
Neo23x0
closed
1 year ago
1
Incorrect XML Configuration - Sysmon 14.16
#181
eastcoastnjdc
opened
1 year ago
0
Accept EULA cannot combine with loading a config
#180
HenkPoley
opened
1 year ago
1
Line 239 registry formatting
#179
kevinelwell
opened
1 year ago
0
28 Event ID...
#178
Achi79
opened
1 year ago
1
Event 22 DNS Query issue - not generating event from browsers
#177
patzak88
opened
1 year ago
12
Add pwsh.exe to list of suspicious Windows tools
#176
connorcarnes
opened
1 year ago
0
Sysmon 14.13: Crash with sysmon-config on Windows 2012 R2
#175
cmengle-ipc
closed
1 year ago
1
Added Installscript
#174
bytew0lf
opened
1 year ago
0
Include vs Exclude precedence
#173
ag-michael
closed
1 year ago
1
Fix few bugs
#172
jatgh
closed
1 year ago
0
config causing 35 second delay opening modern MS Office file formats (.docx & .xlsx etc)
#171
Guyver1wales
opened
1 year ago
0
Many errors when install
#170
MrAndrii
opened
1 year ago
1
Capturing deleted files
#169
harryray33
opened
1 year ago
0
Outdated link inside the sysmon-config
#168
mab0189
opened
2 years ago
1
Event 22 not generating
#167
cyberminded
closed
2 years ago
1
Event Id 10 not being generated
#166
neverkknown
opened
2 years ago
1
Sysmon for Linux
#165
reuvygroovy
opened
2 years ago
3
Add some "TargetFilename" in "SYSMON EVENT ID 15" section
#164
matcha-shake
opened
2 years ago
0
Own Microsoft Sentinel Workbook is planned? Or recommended Microsoft Sentinel Workbook?
#163
michalzobec
opened
2 years ago
2
Parser error with Sysmon v13.32 installation/configuration
#162
j8ter
opened
2 years ago
0
About powershell cmdlet module
#161
fullzlop
opened
2 years ago
0
Update the Antivirus Tampering configuration, using general condition
#160
hieuttmmo
opened
2 years ago
1
test
#159
w09rkerbee
opened
2 years ago
1
Installed sysmon cannot see any event logs
#158
zhex900
closed
2 years ago
1
Detect AV exclusions made in Policy Key
#157
f-bader
closed
2 years ago
0
Add Splunk exclusions per sysmon-modular
#156
DustyMMiller
opened
2 years ago
1
Registry key to detect definitions of Windows Defender Exclusions
#155
phantinuss
opened
3 years ago
0
Outlook Webview URL changes
#154
humpalum
opened
3 years ago
0
Event id 26
#153
Richman711
closed
2 years ago
0
EVENT ID 23 example typo
#152
Richman711
closed
2 years ago
0
Important and relevant NamedPipe names
#151
Neo23x0
closed
2 years ago
6
Added named pipe used by Cobalt Strike
#150
WojciechLesicki
opened
3 years ago
0
Fix FileDelete example.
#149
sigalpes
opened
3 years ago
0
Add exclusion for WUDFHost.exe to Event 11
#148
lord-garmadon
opened
3 years ago
0
Corrected event name for Event ID 23
#147
lord-garmadon
opened
3 years ago
0
Monitor for .js files for Microsoft JScript
#146
KevinDeNotariis
opened
3 years ago
0
Added WinRM ports and Service names
#145
tobor88
opened
3 years ago
0
Add ASP files for webshells
#144
GossiTheDog
opened
3 years ago
0