LogRhythm-Labs / Microsoft-SysMon-configLinks
Sysmon configuration file template with default high-quality event tracing
☆20Updated 4 years ago
Alternatives and similar repositories for Microsoft-SysMon-config
Users that are interested in Microsoft-SysMon-config are comparing it to the libraries listed below
Sorting:
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆54Updated 3 years ago
- Elastic Beat for fetching and shipping Office 365 audit events☆67Updated 4 years ago
- Office365 Log Analysis Framework☆81Updated 6 years ago
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring☆117Updated 5 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- Security Monitoring Resolution Categories☆138Updated 3 years ago
- Powering Up Incident Response with Power-Response☆63Updated 5 years ago
- Parser for Windows PowerShell script block logs☆99Updated 11 months ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆166Updated 6 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago
- Security-Focused O365 Management and Log Scripts☆62Updated 2 years ago
- ATT&CK Remote Threat Hunting Incident Response☆203Updated 7 months ago
- Collection of resources related to the Center for Threat-Informed Defense☆76Updated last year
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 5 years ago
- ☆54Updated 4 years ago
- Invoke-LiveResponse☆149Updated 3 years ago
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆42Updated 2 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 3 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆111Updated 5 years ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)☆159Updated 2 years ago
- Tools to automate and/or expedite response.☆115Updated last year
- Purple Team Security☆75Updated 3 years ago
- Scripts for comparing Microsoft Windows compliance with the ASD 1709 & Office 2016 Hardening Guides☆160Updated 5 years ago
- A series of scripts☆100Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆110Updated 5 years ago
- ☆42Updated 4 years ago
- Splunk TA for alert action to TheHive-project☆11Updated 5 years ago
- ☆77Updated 6 years ago
- ☆21Updated 4 years ago