SysmonCommunityGuide
SysmonCommunityGuide copied to clipboard
trustedsec
Changelog Updates
I gathered some details on updates for the changelog, but as I wasn't able to gather feature details for each individual release, I'm not creating a pull request. Here are additions I have been able to quickly gather:
| Version | Schema | Features | Release |
|---|---|---|---|
| Sysmon 13.30 | 4.50 | * Adds user fields for events * Fixes a series of crash-causing bugs * Improves memory usage and management in the driver. |
October 26, 2021 |
| Sysmon 13.24 | 4.50 | ?? | Possibly August 18, 2021? |
| Sysmon 13.23 | 4.50 | ?? | Possibly July 27, 2021? |
| Sysmon 13.22 | 4.50 | ?? | Possibly June 23, 2021? |
| Sysmon 13.21 | 4.50 | ?? | Possibly June 1, 2021? |
| 13.20 | 4.50 | * Adds not begin with and not end with filter conditions* Fixes a regression for rule include/exclude logic |
May 25, 2021 |
| 13.10 | 4.50 | * Adds a FileDeleteDetected rule that logs when files are deleted but doesn't archive * Deletes clipboard archive if event is excluded * Fixes an ImageLoad event bug. |
Wednesday, March 24, 2021 |
| 13.02 | 4.50 | ?? | Wednesday, March 24, 2021 |
Compiled mostly from: Choco version history and Sysinternals documentation
