About Blogs Community Guide Deploy Sysmon ELK General Gravwell Graylog Microsoft System Center Presentations RSA Netwitness Splunk Sysmon Configuration Files Sysmon Github Projects Utilities

Splunk

Nov 29, 2023

Splunk

Sysmon FTW! - Tom Ueltschi
TA-Sysmon-deploy - @olafhartong
Sysmon App for Splunk - @Jarrettp & @MHaggis
Sysmon-Threat-Intel - App - Jarrett Polcari @jarrettp
Splunk App to assist Sysmon Threat Hunting - Mike Haag
Splunking the Endpoint - Files from presentation - James Brodsky & Dimitri McKay

Sysmon-DFIR

Sysmon-DFIR

MHaggis
M_Haggis

A curated and bespoke list of resources for learning about deploying, managing and hunting with Microsoft Sysmon. Contains presentations, deployment methods, configuration file examples, blogs and additional GitHub repositories.