Security Cadence: Sysmon (Logging Part 2 out of ?????)

This page summarizes the projects mentioned and recommended in the original post on /r/sysadmin

  • sysmon-config

    Sysmon configuration file template with default high-quality event tracing

    There are also some excellent sample configuration files out there, and, in my opinion, the best of them is from Swift on Security: https://github.com/SwiftOnSecurity/sysmon-config

  • sysmon-modular

    A repository of sysmon configuration modules

    Another really excellent resource (also called out by Swift) is Olaf Hartong's Sysmon-Modular project: https://github.com/olafhartong/sysmon-modular. As well as having a few full configs, Olaf's project has modular XML configurations for each supported Sysmon Event ID. This can be incredibly helpful for fine-tuning your configs.

  • SysmonForLinux

    Did you know that Sysmon is so fantastic that Microsoft ported it to Linux? They sure did and it is awesome. It can be found here: https://github.com/Sysinternals/SysmonForLinux

  • SysmonTools

    Utilities for Sysmon
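Both configuration projects above build on the same Sysmon XML structure: an `EventFiltering` element holding `RuleGroup`s, each of which filters one event type with either `onmatch="include"` (log nothing unless a rule matches) or `onmatch="exclude"` (log everything except what matches). The following is an added example, not code from the Reddit post, sysmon-config or sysmon-modular: a deliberately small config showing both semantics, written to disk, parsed to confirm it is well-formed XML, then installed (first run) or applied to an already-running Sysmon. Assumptions: `Sysmon64.exe` is in the current directory, the service is registered as `Sysmon64` (what the 64-bit binary installs), and `schemaversion="4.50"` matches your binary (`.\Sysmon64.exe -s` prints the schema a given build supports). The excluded `svchost.exe` image and the port 4444 rule are illustrative, not recommended tuning.

```powershell
# Added example (not from the /r/sysadmin post, sysmon-config or sysmon-modular).
# Assumes Sysmon64.exe in the current directory and schemaversion 4.50 for your binary.

$config = @'
<Sysmon schemaversion="4.50">
  <HashAlgorithms>sha256,IMPHASH</HashAlgorithms>
  <EventFiltering>
    <!-- Event ID 1 (ProcessCreate): log EVERY process creation except the
         images/command lines listed here. onmatch="exclude" = allow-list noise out. -->
    <RuleGroup name="" groupRelation="or">
      <ProcessCreate onmatch="exclude">
        <Image condition="is">C:\Windows\System32\svchost.exe</Image>
      </ProcessCreate>
    </RuleGroup>
    <!-- Event ID 3 (NetworkConnect): log ONLY connections matching a rule.
         onmatch="include" = nothing is logged unless a rule hits.
         groupRelation="or" means any single rule is enough. -->
    <RuleGroup name="" groupRelation="or">
      <NetworkConnect onmatch="include">
        <Image condition="image">powershell.exe</Image>
        <DestinationPort condition="is">4444</DestinationPort>
      </NetworkConnect>
    </RuleGroup>
  </EventFiltering>
</Sysmon>
'@

$path = Join-Path $PWD 'sysmon-minimal.xml'
Set-Content -Path $path -Value $config -Encoding UTF8

# Fail fast on malformed XML before the driver ever sees it, and list what we filter.
[xml]$parsed = Get-Content -Raw -Path $path
foreach ($group in $parsed.Sysmon.EventFiltering.RuleGroup) {
    foreach ($filter in $group.ChildNodes) {
        '{0,-15} onmatch={1,-8} rules={2}' -f $filter.LocalName, $filter.onmatch, $filter.ChildNodes.Count
    }
}

# First install, or push the new config into an already-running Sysmon.
if (Get-Service -Name 'Sysmon64' -ErrorAction SilentlyContinue) {
    .\Sysmon64.exe -c $path
} else {
    .\Sysmon64.exe -accepteula -i $path
}

# Sanity check: the most recent ProcessCreate (ID 1) events the new config let through.
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 1 } -MaxEvents 5 |
    Select-Object TimeCreated, Message
```

The per-Event-ID XML files in sysmon-modular are exactly these `RuleGroup` fragments, one event type per file, which is what makes them easy to swap in and out while tuning. A production config needs rule groups for every event ID you care about and far more exclusions than shown here; that is the work sysmon-config has already done, which is why it is the recommended starting point rather than a hand-written config like this one.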
