sysmon-logs

Here are 5 public repositories matching this topic...

Language:All

Filter by language

bobby-tablez /Enable-All-The-Logs

This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you might want to tune the GPO edits as needed.

windows log-analysis logging lab sysmon malware-analysis gpo sysmon-config sysmon-logs

UpdatedFeb 10, 2025
PowerShell

yukh1402 /granted-access-converter

Star1

The Granted Access Converter is a utility designed to help users understand and interpret the GrantedAccess values found in Sysmon Event ID 10 logs.

windows cybersecurity sysmon cyber-security sysmon-config windows-security sysmon-logs windows-logs

UpdatedMar 31, 2023
HTML

SUmidcyber /SysmonThreatHunt

Star0

Sysmon XML Configuration for Advanced Threat Detection.

cybersecurity malware-analysis hacker sysmon-logs

UpdatedFeb 22, 2025

leesk212 /Sysmon-ELK-Stack_with-viroustotal_API

Star0

Sysmon logs in the window environment are received from a computer in another environment through winlogbeat through Logstash, and then repositioned in Elasticsearch and displayed in PyQt.

docker elasticsearch kibana logstash whitelist pyqt5 elk yml winlogbeat sysmon-el-pyqt sysmon-logs