Support for JSON
tdesrochers opened this issue · 1 comments
This tool is amazing. Is there any plan to support JSON so this could be used after data has been processed and landed in a data lake or hung off Kafka, to view an entire enterprise's worth of devices? Exporting the data and loading it using response tools works for individual investigations, but this would be great on an enterprise scale.
Thank you for your feedback,
The tool was meant to be used on a malware analysis lab machine. There are many other solutions that would be much better at doing incident response at an enterprise scale; for Sysmon View, this would be overkill. I tried consuming logs from Splunk before, and Sysmon View had this feature experimentally for some time, but I decided to remove it as it didn't bring any value.
Much appreciated,