A step-by-step guide to setting up a SIEM with the Elastic web portal and Sysmon. You will install Sysmon on a Windows machine, generate a few security events by running commands in Windows PowerShell, forward the resulting records to the SIEM, and then query and analyze the logs in Kibana.

hamsycodes/ElasticSearch-using-Sysmon

ElasticSearch-using-Sysmon

The full blog post is linked below.

Recent Article 2
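The procedure above (install Sysmon, generate events from PowerShell, then forward and query them) in working form, as an added example that is not part of the repository or the linked blog post. It assumes an elevated PowerShell session, `Sysmon64.exe` from Sysinternals and a Sysmon configuration file named `sysmonconfig.xml` (for instance the SwiftOnSecurity config) in the current directory; the hostname `example.com`, the file path and the five-minute window are illustrative choices. The final step reads the events back from the local Sysmon log, which is the check to run before debugging the forwarder or Kibana: if nothing shows up here, nothing will be shipped.

```powershell
# Added example, not code from the repository or blog post.
# Assumptions: elevated PowerShell; Sysmon64.exe and sysmonconfig.xml in the
# current directory. Which event IDs actually fire depends on the rules in
# the chosen Sysmon configuration.

# 1. Install Sysmon as a service using the chosen configuration.
.\Sysmon64.exe -accepteula -i .\sysmonconfig.xml

# 2. Generate a few events that a typical Sysmon config records.
#    Event ID 1 (ProcessCreate): spawn a child process from this shell.
Start-Process -FilePath "$env:SystemRoot\System32\whoami.exe" -Wait -NoNewWindow

#    Event ID 3 (NetworkConnect): outbound TCP connection from powershell.exe.
#    example.com is an illustrative host; substitute one your lab may reach.
Test-NetConnection -ComputerName example.com -Port 443 | Out-Null

#    Event ID 11 (FileCreate): create a file (logged only if the config has a
#    FileCreate rule that matches this path).
New-Item -Path "$env:TEMP\sysmon-test.txt" -ItemType File -Force | Out-Null

# 3. Read the events back from the local Sysmon channel. This is what the
#    forwarder will ship to Elastic; verify it locally before looking in Kibana.
$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-Sysmon/Operational'
    Id        = 1, 3, 11
    StartTime = (Get-Date).AddMinutes(-5)
} -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Warning 'No Sysmon events found in the last 5 minutes; check that the service is running and the config matches the actions above.'
}

# Show one line per event: when it happened, which ID, and the first line of
# the message (e.g. "Process Create:"), which is enough to confirm the type.
$events |
    Select-Object TimeCreated, Id,
        @{ Name = 'Summary'; Expression = { ($_.Message -split "`n")[0].Trim() } } |
    Format-Table -AutoSize
```

Once the events are visible locally, ship the `Microsoft-Windows-Sysmon/Operational` channel with whichever collector the blog post uses (Elastic Agent's Windows integration or Winlogbeat both read it). In Kibana Discover, a KQL query such as `event.provider : "Microsoft-Windows-Sysmon" and event.code : "1"` should then return the process-creation events generated above; those field names are how Elastic's Windows integration maps Sysmon events and are an assumption if the post forwards them another way.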
