GitHub

Install

Run with administrator rights

sysmon.exe -accepteula -i sysmon-swift.xml

Uses Swift on Security by default, but has Olaf Hartong's modular variations for defender and research configs.

Quickstart: run one of the onboarding scripts ".\onboard_mde.ps1" ".\onboard_swift.pa1" ".\onboard_research.ps1"

# Install direct, If you like to party:
iwr https://raw.githubusercontent.com/mellonaut/sysmon/main/onboard_swift.ps1 | iex
iwr https://raw.githubusercontent.com/mellonaut/sysmon/main/onboard_mde.ps1 | iex
iwr https://raw.githubusercontent.com/mellonaut/sysmon/main/onboard_research.ps1 | iex

Update existing configuration

Run with administrator rights

sysmon.exe -c sysmon-swift.xml
sysmon.exe -c sysmon-augment.xml
sysmon.exe -c sysmon-research.xml

Uninstall

Run with administrator rights

sysmon.exe -u

� �

Name		Name	Last commit message	Last commit date
Latest commit History 27 Commits
Tools		Tools
kql		kql
sysmon		sysmon
.gitignore		.gitignore
Eula.txt		Eula.txt
README.md		README.md
onboard_mde.ps1		onboard_mde.ps1
onboard_research.ps1		onboard_research.ps1
onboard_swift.ps1		onboard_swift.ps1
sysmon-mde.xml		sysmon-mde.xml
sysmon-research.xml		sysmon-research.xml
sysmon-sideloads.xml		sysmon-sideloads.xml
sysmon-swift.xml		sysmon-swift.xml
sysmon.zip		sysmon.zip

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Install

Update existing configuration

Uninstall

About

Releases

Packages

Languages

MelloSec/sysmon

Folders and files

Latest commit

History

Repository files navigation

Install

Update existing configuration

Uninstall

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages