ceramicskate0/sysmon-config
CeramicSkate0 Sysmon configuration fork file template with default high-quality event tracing
https://github.com/ceramicskate0/sysmon-config
9 stars, 0 forks
issues
id 12-14 include
#97
ceramicskate0
opened
1 year ago
0
id 11 include
#96
ceramicskate0
opened
1 year ago
0
id 13 12 exclude
#95
ceramicskate0
opened
1 year ago
0
id 17 18 exclude
#94
ceramicskate0
opened
1 year ago
0
id 11 exclude
#93
ceramicskate0
opened
1 year ago
0
id 7 add
#92
ceramicskate0
opened
1 year ago
0
id 11 exclude
#91
ghost
closed
1 year ago
0
id 12 exclude
#90
ghost
opened
1 year ago
0
id 5 exclude
#89
ghost
closed
1 year ago
0
Look at adding rules from olafhartong-sysmonconfig.xml
#88
ghost
opened
1 year ago
0
CLR Usage log
#87
ghost
opened
1 year ago
1
DLL Load ID 7 for .net
#86
ghost
closed
1 year ago
1
Event ID 7
#85
ghost
closed
1 year ago
0
lsass dumper
#84
ceramicskate0
closed
1 year ago
0
File create event
#83
ghost
closed
1 year ago
1
The vulnerable driver blocklist after the October 2022 preview release
#82
ghost
closed
1 year ago
3
add locations to monitor for writes and dll runs
#81
ghost
closed
1 year ago
1
add to wiki or readme
#80
ghost
closed
1 year ago
0
id7 add
#79
ghost
closed
1 year ago
0
id 1 exempt
#78
ghost
closed
1 year ago
0
exclude id 22
#77
ghost
closed
1 year ago
0
id 11 exempt
#76
ghost
closed
1 year ago
0
id 3 exempt
#75
ghost
closed
1 year ago
0
exclude id 11
#74
ghost
closed
1 year ago
0
CFG disable reg key
#73
ghost
closed
2 years ago
0
exclude id 11
#72
ceramicskate0
closed
2 years ago
0
exclude id 13
#71
ceramicskate0
closed
2 years ago
0
exclude id 2
#70
ceramicskate0
closed
2 years ago
0
exclude id 22
#69
ceramicskate0
closed
2 years ago
0
refine exclude dllhost id 1
#68
ceramicskate0
closed
2 years ago
0
exclude id 11 2
#67
ceramicskate0
closed
2 years ago
0
exclude id 5
#66
ceramicskate0
closed
2 years ago
0
Exclude id 1
#65
ceramicskate0
closed
2 years ago
0
Exclude id 17 18
#64
ceramicskate0
closed
2 years ago
0
exclude id 5
#63
ceramicskate0
closed
2 years ago
0
exclude id 5
#62
ceramicskate0
closed
2 years ago
0
exclude id 22
#61
ceramicskate0
closed
2 years ago
0
Exclude id1
#60
ceramicskate0
closed
2 years ago
0
Exclude for id 12 and 13
#59
ghost
closed
2 years ago
0
need to modify dll hijacks/sideloads
#58
ghost
closed
2 years ago
1
filecreate (MEM DUMP to disk)
#57
ceramicskate0
closed
2 years ago
0
add to pipes
#56
ceramicskate0
closed
2 years ago
1
dll sideload
#55
ceramicskate0
closed
2 years ago
0
dll sideload
#54
ceramicskate0
closed
2 years ago
1
dll sideload
#53
ceramicskate0
closed
2 years ago
0
dll sideload
#52
ceramicskate0
closed
2 years ago
0
dll sideload additions
#51
ghost
closed
2 years ago
0
any file create event with .kirbi
#50
ghost
closed
2 years ago
2
reg include event
#49
ceramicskate0
closed
2 years ago
0
exclude event id 22
#48
ghost
closed
2 years ago
0