chrisdfir/sysmon2splunk
The method and files used to generate Sysmon event logs, forward them to a remote Splunk instance, and ingest and normalize the data for analysis.