Skip to content
/ sysmon-config Public
forked from SwiftOnSecurity/sysmon-config

Sysmon configuration file template with default high-quality event tracing

11 stars 1.7k forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

threathunting/sysmon-config

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

121 Commits
Auto_update.bat
Auto_update.bat
 
 
README.md
README.md
 
 
install_sysmon.bat
install_sysmon.bat
 
 
sysmonconfig-export.xml
sysmonconfig-export.xml
 
 

Repository files navigation

sysmon-config

Credits to SwiftOnSecurity and ion-storm for providing the base fork of this config. Incremental changes have been made to meet my specific needs. Feel free to use or send a pull request.

Use

Auto-Install with Auto Update Script:###

Run with administrator rights

install_sysmon.bat

Uninstall

Run with administrator rights

sysmon.exe -u

Event Log Location

All sysmon events are written to

C:\Windows\System32\winevt\Logs\Microsoft-Windows-Sysmon%4Operational.evtx

About

Sysmon configuration file template with default high-quality event tracing

Resources

Readme
Activity

Stars

11 stars

Watchers

3 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Batchfile 100.0%