Sysmon v15.0 & 29 Events #183
Comments
I would also like to see this config update to include these new events. The default config that ships with Sysmon isn't nearly as powerful as this one.
The template has been very helpful, though guidance for the new event IDs would be appreciated.
This update to Sysmon, an advanced host security monitoring tool, sets the service to run as a protected process, hardening it against tampering, adds a new event, FileExecutableDetected, for when new executable images are saved to files, and fixes a system hang occurring in certain situations due to an interaction between network and file system events.
There are now 29 events. Will this config be updated?