User Profile

m0l0ch

Copper Contributor

Joined 6 years ago

2 Posts4 Likes

View All Badges

User Widgets

Recent Discussions

How to add 'Microsoft-Windows-Sysmon' events to table 'SysmonEvent'?
Hi everyone. How to add 'Microsoft-Windows-Sysmon' events to table 'SysmonEvent'? I've try to setup it in my env w/ Win10, but Sysmon logs collected to 'Events' table only. What I did wrong? Environment: - Azure Sentinel instance - Data collector Security Events - Minimal. -Advanced settings: * Connected SourcesWindows Agent (64 bit) installed on Win10 * Data Windows events 'Microsoft-Windows-Sysmon/Operational'
Mar 14, 2019 Place Microsoft Sentinel
5.3KViews
3likes
4Comments

Groups

Recent Blog Articles

No content to show