Name		Name	Last commit message	Last commit date
Latest commit History 133 Commits
.gitignore		.gitignore
README.md		README.md
v4.0_sysmonconfig-export.xml		v4.0_sysmonconfig-export.xml
v4.3_sysmonconfig-export.xml		v4.3_sysmonconfig-export.xml
v4.5_sysmonconfig-export.xml		v4.5_sysmonconfig-export.xml
v4.88_sysmonconfig-export.xml		v4.88_sysmonconfig-export.xml

Repository files navigation

目的

config適用して、splunk関連の起動プロセスのログが記録されなくするための参考。

sysmon config 参考

本家SwiftOnSecurityのsysmon-configにSplunk関連のProcessCreationのみ除外(exclude)したものを用意
4.3以降は、olafhartong/sysmon-modularのルールを一部参考

sysmon-configの元Version

4.5 (EventCode=23,24,25対応)
4.3 (EventCode=22対応)
4.0

About

sysmon with excluding splunk proccess

Report repository

Releases

No releases published

Packages

No packages published