Blog Post

Sysinternals Blog
1 MIN READ

Sysmon v15.14

Alex_Mihaiuc's avatar
Alex_Mihaiuc
Icon for Microsoft rankMicrosoft
Feb 13, 2024
Sysmon v15.14 This update to Sysmon resolves a service crash on configuration change and a rare system crash.  
Published Feb 13, 2024
Version 1.0
Shane_King's avatar
Shane_King
Copper Contributor
May 01, 2024

Hi Alex_Mihaiuc 

I asked this on the MS Learn site as well but not sure if it was the correct place to ask so here it is again.

I'm having trouble getting the service name to change. I am running Sysmon v15.14 and have the following config entries:

 

 

<Sysmon schemaversion="4.90">
	<DriverName>AudiusSv</DriverName>
	<EventFiltering>

		<RuleGroup name="" groupRelation="or">
			<ProcessCreate onmatch="include" />
		</RuleGroup>

		<RuleGroup name="" groupRelation="or">
			<ProcessTerminate onmatch="include" />
		</RuleGroup>

	</EventFiltering>
</Sysmon>

 

 No matter what I name the service, it has no effect. The service is always named Sysmon64 and the driver is always SysmonDrv.