Sysmon configuration file template with default high-quality event tracing
Config for Sysmon to make sure important events are actually making it into the logs: https://github.com/SwiftOnSecurity/sysmon-config
Installing Sysmon Using PowerShell Invoke-Command
1 project | reddit.com/r/PowerShell | 25 Jun 2022
Integrating Sysmon events with Crowdsec
2 projects | reddit.com/r/CrowdSec | 16 May 2022
Security Cadence: Sysmon (Logging Part 2 out of ?????)
4 projects | reddit.com/r/sysadmin | 16 May 2022
Sysmon DNS Queries Issues
1 project | reddit.com/r/blueteamsec | 28 Mar 2022
What's your approach to gathering data for DFIR analysis, and how much data do you typically gather?
2 projects | reddit.com/r/cybersecurity | 26 Mar 2022