search

SwiftOnSecurity / sysmon-config

Sysmon configuration file template with default high-quality event tracing
4.73k stars 1.69k forks source link

update configuration #132

Open Achi79 opened 3 years ago

Achi79 commented 3 years ago

Hi @all, is it planned to extend the configuration with event id 23?

bodysoda commented 3 years ago

Yes, I am also interested to capture event id 23 (file Delete)