Does anyone know of any documentation that sat Sysmon fields translate to what MDE event fields? Looking to repurpose some Sysmon queries for MDE events and I have not been able to find any docs that shows what Sysmon fields translate to what MDE events fields.
Thx
