olafhartong / sysmon-modular Public

Notifications You must be signed in to change notification settings
Fork 589
Star 2.7k

Code
Issues 32
Pull requests 21
Discussions
Actions
Projects
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Wiki
Security
Insights

Issues: olafhartong/sysmon-modular

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

32 Open 68 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Assigned to nobody

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Issues list

typo event 13 T1562.002 Disable Windows Event Logging

#209 opened Oct 8, 2024 by wildebras

#208 opened Oct 7, 2024 by cyb3rxp

FileDelete Issue, cannot remove C:\Sysmon locked .dlls

#200 opened Mar 19, 2024 by deathrig07

Config causing 35 second delay opening modern MS Office file formats (.docx & .xlsx etc)

#199 opened Mar 8, 2024 by smogm

Error 255 appears, please help me figure it out.

#198 opened Mar 1, 2024 by h3nkbleck

Incorrect rule format?

#197 opened Feb 26, 2024 by 3ch035

User condition in exclusions for RegistryEvents

#196 opened Feb 7, 2024 by schwf5

Exclusion Trend Micro WFBS

#194 opened Dec 21, 2023 by s3-schneider

Duplicates

#193 opened Nov 24, 2023 by PiRomant

KAV exclusion

#190 opened Nov 3, 2023 by PiRomant

XML Issue with sysmonconfig-excludes-only.xml

#187 opened Oct 11, 2023 by jvossler

#185 opened Aug 21, 2023 by cyb3rxp

#184 opened Aug 21, 2023 by cyb3rxp

Super verbose config missing from Azure Pipelines

#178 opened Jul 28, 2023 by Korving-F

Event ID 8 - CreateRemoteThread - Appends to bottom of config

#173 opened May 24, 2023 by Cyber74-Brian-McCaleb

Repo Folder index

#168 opened Mar 6, 2023 by afg-jmck

Sysmon 14.14 - Anti-Tamper Controls?

#167 opened Feb 27, 2023 by bobby-mack

Managing multiple customer config example

#163 opened Jan 26, 2023 by oddieHA

Does sysmon-modular has the compatibility to be used for the SysmonForLinux?

#155 opened Nov 25, 2022 by jayzheng98

Too many Splunk Forwarder Events in base Sysmon Config

#153 opened Nov 23, 2022 by tbalz2319

Merged file include vs exclude ordering

#152 opened Nov 23, 2022 by ag-michael

sysmonconfig-research.xml configuration block, delete exe file

#151 opened Nov 1, 2022 by webdevbeginner

Own Microsoft Sentinel Workbook is planned? Or recommended Microsoft Sentinel Workbook?

#150 opened Oct 28, 2022 by michalzobec

Intercepting deleted files

#149 opened Sep 20, 2022 by harryray33

ExcludeList not working ?

#136 opened May 24, 2022 by mtl0n

Previous 1 2 Next

Previous Next

ProTip! Adding no:label will show everything without a label.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly