netevert / sentinel-attack

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
MIT License

ProcessCreate is missing a field #23

Closed qc-gordon closed 4 years ago

qc-gordon commented 4 years ago

EventID 1 has 21 fields