winlogbeat (1)

8. Windows Sysmon + Winlogbeat + logstash

1. sysmon Download : https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
Sysmon - Windows Sysinternals: Monitors and reports key system activity via the Windows event log.
2. sysmon config file : https://github.com/SwiftOnSecurity/sysmon-config
GitHub - SwiftOnSecurity/sysmon-config: Sysmon configuration file template with default high-quality event tracing Sysmon co..