Splunk Add-on for Sysmon | Splunkbase

Splunk Add-on for Sysmon

The Splunk Add-on for Sysmon enables customers to create and persist a connection to Microsoft Sysmon so that the available detection, event, incident and audit data can be continually streamed to their Splunk environment. This connection enables organisations to combine the power of the Splunk platform with the visibility and rich event data of the Microsoft Sysmon utility running on Windows platforms. The Splunk Add-on for Sysmon collects data from Sysmon’s dedicated Windows Event log. The add-on maps events to the CIM data models Endpoint, Network Resolution (DNS), Network Traffic and Change. It provides the inputs and CIM-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.

Built by Splunk Inc.

Latest Version 3.0.0
June 22, 2022
Compatibility
Platform Version: 9.0, 8.2, 8.1
Rating

4

(1)

Support
Splunk Supported addon
Ranking

#8

in Security, Fraud & Compliance

Categories

Security, Fraud & Compliance

Created By

Splunk Inc.

Type

addon

Downloads

79997
