Sysmon Playbook Event ID 3
Sysmon Event ID: 3 Sysmon Event Title: Network Connection Detected Network Connection Attributes: When any machines with Sysmon installed makes a network connection many details ab
SYSMON Playbook – Event ID 1
Windows by default records most of the activity happening on OS in the Windows logs and can be viewed in Windows Event Viewer. However the Sysmon is much better when it comes to pr
