Trying to track down processes that are triggering suspicious TLD connections, but Event 22 logs are not generating in Event Viewer. I can see other Sysmon logs. Running Windows 10 and have already tried disabling antivirus. Anyone encountered this before or know what the solution is?

Reinstalled Sysmon with a fresh copy of the sysmonconfig-export seemed to do the trick. Not sure what the problem was.