This repository holds a selection Splunk detection rules for Sysmon impairment.
The current coverage is for WinEventLog, Sysmon, Powershell ScriptBlock Logging and Powershell Transcripts.
-
Notifications
You must be signed in to change notification settings - Fork 0
intercake/splunk-sysmon
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published