Statements (48)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:railway_line
|
| gptkbp:bfsLayer |
7
|
| gptkbp:bfsParent |
gptkb:Sysinternals_Suite
|
| gptkbp:can_be |
Event logs
|
| gptkbp:can_create |
alerts
|
| gptkbp:developed_by |
gptkb:Microsoft
|
| gptkbp:has_version |
Sysmon 10.0
Sysmon 11.0 Sysmon 12.0 Sysmon 13.0 Sysmon 14.0 |
| https://www.w3.org/2000/01/rdf-schema#label |
Sysmon
|
| gptkbp:integrates_with |
SIEM tools
log management solutions |
| gptkbp:is_available_on |
gptkb:archive
Microsoft website |
| gptkbp:is_compatible_with |
gptkb:Windows_Server_2012
gptkb:operating_system gptkb:Windows_7 gptkb:server |
| gptkbp:is_documented_in |
Microsoft documentation
Sysinternals documentation |
| gptkbp:is_part_of |
gptkb:Sysinternals_Suite
|
| gptkbp:is_used_by |
security analysts
forensic investigators incident responders |
| gptkbp:is_used_for |
incident response
threat detection forensics |
| gptkbp:monitors |
DNS queries
WMI events driver loading events event log changes file deletion events image loading events process command line arguments process termination events registry changes |
| gptkbp:provides |
detailed information about process creations
file creation time information network connections information |
| gptkbp:purpose |
System monitoring
|
| gptkbp:release_date |
gptkb:2014
|
| gptkbp:replaced_by |
via command line
via Control Panel |
| gptkbp:requires |
administrative privileges
|
| gptkbp:setting |
XML configuration file
|
| gptkbp:supports |
Windows operating systems
|