A repository of sysmon configuration modules
Stargazers: 2503
Watchers: 164
Issues: 98
Forks: 568
olafhartong/sysmon-modular Issues
FileDelete Issue, cannot remove C:\Sysmon locked .dlls
Updated
2 months ago
Comments count
4
Error 255 appears, please help me figure it out.
Updated
2 months ago
Comments count
2
Config causing 35 second delay opening modern MS Office file formats (.docx & .xlsx etc)
Updated
3 months ago
FileDelete vs. FileDeleteDetected inconsistent
Closed
3 months ago
Comments count
2
Incorrect rule format?
Updated
3 months ago
User condition in exclusions for RegistryEvents
Updated
4 months ago
Exclusion Trend Micro WFBS
Updated
5 months ago
Duplicates
Updated
6 months ago
KAV exclusion
Updated
7 months ago
XML Issue with sysmonconfig-excludes-only.xml
Updated
7 months ago
Suggested additions to Microsoft Defender ProcessCreation event
Updated
9 months ago
Suggested additions to TrendMicro ProcessCreation event exclusion
Updated
9 months ago
Super verbose config missing from Azure Pipelines
Updated
10 months ago
In line 1616 could be a typo
Closed
a year ago
Comments count
1
TYPO?
Closed
a year ago
Comments count
1
Default config - file deletes are being archived
Closed
a year ago
Comments count
4
Event ID 8 - CreateRemoteThread - Appends to bottom of config
Updated
a year ago
Sysmon 14.14 - Anti-Tamper Controls?
Updated
a year ago
Comments count
3
Repo Folder index
Updated
a year ago
Managing multiple customer config example
Updated
a year ago
Too many Splunk Forwarder Events in base Sysmon Config
Updated
a year ago
Comments count
5
Include Top Level Groups not working?
Closed
a year ago
Comments count
2
Does sysmon-modular have the compatibility to be used for the SysmonForLinux?
Updated
a year ago
Comments count
1
Merged file include vs exclude ordering
Updated
a year ago
sysmonconfig-research.xml configuration block, delete exe file
Updated
2 years ago
Intercepting deleted files
Updated
2 years ago
Comments count
1
Own Microsoft Sentinel Workbook is planned? Or recommended Microsoft Sentinel Workbook?
Updated
2 years ago
ExcludeList not working ?
Updated
2 years ago
Comments count
1
Issue creating a CONFIG XML
Closed
2 years ago
Comments count
1
Something wrong in latest commit
Closed
2 years ago
Comments count
4
HKCU - Additional Files
Closed
2 years ago
Comments count
3
File create events with include_electron_app_injection.xml module
Closed
2 years ago
Comments count
1
Excluding __PSScriptPolicyTest_ files
Closed
2 years ago
Comments count
1
contains all with only one value
Closed
2 years ago
Comments count
1
Rule Group Relation in Network Connect / include_relaying.xml
Closed
2 years ago
Comments count
2
Double quotes possibly mess up the filtering
Updated
2 years ago
HKCU Registry
Closed
2 years ago
Comments count
2
Event 10 version 1320
Closed
2 years ago
Comments count
2
overlapping rule causing a lot of 12/13 events
Closed
2 years ago
Comments count
1
Include file format: merge full directories
Closed
2 years ago
Comments count
1
Schema Version Upgrade to 4.81
Updated
2 years ago
Comments count
1
Potential typo (Line 1508 in sysmonconfig.xml)
Closed
2 years ago
error with merging script line 137/char13
Closed
3 years ago
Comments count
1
"Trusted Script Proxy Exectuion" or "Trusted Script Proxy Execution"
Closed
3 years ago
Comments count
2
Bug GroupRelation
Closed
3 years ago
Comments count
3
Events id12 with version 13.10
Closed
3 years ago
Comments count
4
Incompatible configuration with Sysmon 13.21
Closed
3 years ago
Comments count
3
Thousands of "network connect" logs on single RDP (port 3389) connection
Closed
3 years ago
Comments count
2
Source file name in XML
Closed
3 years ago
Comments count
1
FileDelete instead of FileDeleteDetection?
Closed
3 years ago