Sysmon-DFIR

RSA Netwitness

Nov 29, 2023

  • Log - Sysmon 6 Windows Event Collection - Eric Partington

  • MHaggis
  • M_Haggis

A curated and bespoke list of resources for learning about deploying, managing and hunting with Microsoft Sysmon. Contains presentations, deployment methods, configuration file examples, blogs and additional GitHub repositories.