Update eventid 1 to handle sysmon v8.00 schema

sans-blue-team / DeepBlueCLI

GNU General Public License v3.0

2.19k stars 355 forks source link

Open tomstott opened 6 years ago

tomstott commented 6 years ago

Updated the logic in deepwhite-collector.ps1 to handle Sysmon v8.00 schema

tomstott commented 6 years ago

also added updates to DeepBlue