Log system activity with System Monitor (Sysmon)

Windows Sysinternals is a resource of advanced system utilities and technical information for IT Pros and developers. Sysinternals utilities help you manage, troubleshoot and diagnose your Windows systems and applications.

The new tool Sysmon is a utility that monitors and reports key system activity via the Windows event log, including detailed information about process creation, network connections and file creation timestamp changes. With Sysmon installed on your systems, you can collect and analyze these events to identify the presence of attackers, and correlate events across your network to track them as they traverse your network.

Download and read more about Sysmon here – http://technet.microsoft.com/en-us/sysinternals/dn798348

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top