sysmon

Sysmon and wazuh integration with Sigma sysmon rules [updated] (by sametsazak)

Sysmon Alternatives

Similar projects and alternatives to sysmon based on common topics and language

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better sysmon alternative or higher similarity.

sysmon reviews and mentions

Posts with mentions or reviews of sysmon. We have used some of these posts to build our list of alternatives and similar projects.
  • Help Me Understand This Level 12 Sysmon Rule
    1 project | /r/Wazuh | 3 May 2022
    Alright, I'm in the process of setting up Wazuh for my organization. It's been working well with the default alerts it comes with. I wanted to try ingesting and alerting on sysmon logs, so I added sysmon to a test endpoint (an IT workstation), added the necessary lines to ossec.conf, and added the ruleset mentioned here to the Wazuh manager (local_rules.xml). It seems to be working: I see sysmon logs in Wazuh and am now being overwhelmed by this level 12 alert...
  • Wazuh or Wazuh and Graylog?
    1 project | /r/sysadmin | 8 Apr 2022
    Wazuh can do a lot for you regarding Win events:
      - https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/how-to-collect-wlogs.html
      - https://wazuh.com/blog/learn-to-detect-threats-on-windows-by-monitoring-sysmon-events/
      - https://github.com/sametsazak/sysmon

