This will consist of the searches in .spl files.
Blog posts are at the following links:
- https://hurricanelabs.com/splunk-tutorials/splunking-with-sysmon-series-part-1-the-setup/
- https://hurricanelabs.com/splunk-tutorials/splunking-with-sysmon-series-part-2-tuning/
- https://hurricanelabs.com/splunk-tutorials/splunking-with-sysmon-part-3-detecting-psexec-in-your-environment/
- https://hurricanelabs.com/splunk-tutorials/splunking-with-sysmon-part-4-detecting-trickbot/
- C2 Threat Hunting