splunk sysmon events

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/Splunk

  • sysmon-config

    Sysmon configuration file template with default high-quality event tracing

    Yes absolutely. This is a very common workflow for both. One note is that you need to also find a sysmon config to use as well, and there's no easy way to manage either sysmon or its config through Splunk. Recommendations for a config are either SwiftOnSecurity's or Olaf's SysmonModular. They significantly overlap and work with each other on patches. SwiftOnSecurity's is a better pure drop-in, and Olaf's is better if you want to do customization.

  • sysmon-modular

    A repository of sysmon configuration modules
