sysmon-config
Didn't install with -n parameters.
Hello! More like a default issue: I try to install sysmon with the -i and -n options. Every time I add the -n option, it crashes with a win error. Any ideas?
Yes, this is a known bug; it will be patched in the next version.
On Wed, 20 May 2020 at 11:11, slavaNBA wrote:
Hello! More like a default issue: I try to install sysmon with the -i and -n options. Every time I add the -n option, it crashes with a win error. Any ideas?
Thanks for the info. But will sysmon still work for network connections (for example, as an nmap detection activity tool) with this config? Actually, I have tried to detect some activity from nmap (Kali Linux) using the config in the topic, with no results. (Using Kali on a virtual machine.)
@olafhartong according to this tweet about the -n switch no longer working on Sysmon v11, Mark Russinovich confirmed that this is intended behavior. Network monitoring can only be enabled using a configuration file.
I love how Azure support essentially say “huh??” in response.