Posh-Sysmon
0.7
Module for the creation and managing of Sysinternal Sysmon configuration XML files.
Minimum PowerShell version
3.0
Installation Options
Owners
Copyright
(c) 2016 Carlos Perez carlos_Perez@darkoperator.com. All rights reserved.
Package Details
Author(s)
- Carlos Perez carlos_Perez@darkoperator.com
Functions
Get-SysmonHashingAlgorithm Get-SysmonRule New-SysmonConfiguration New-SysmonDriverLoadFilter New-SysmonFileCreateFilter New-SysmonImageLoadFilter New-SysmonNetworkConnectFilter New-SysmonProcessCreateFilter New-SysmonProcessTerminateFilter Remove-SysmonRule Remove-SysmonRuleFilter Set-SysmonHashingAlgorithm Set-SysmonRule Get-SysmonEventData Get-SysmonRuleFilter New-SysmonProcessAccess
Dependencies
This module has no dependencies.
Release Notes
Version 0.7
* Added support for ProcessAccess filtering added in Sysmon 4.1
* Added function New-SysmonProcessAccess for creating ProcessAccess filters.
* Fixed issue where command was displayed and not ran with New-SysmonDriverLoadFilter.
* Added ProcessAccess type in Get-SysmonEventData and Get-SysmonRuleFilter.
* In verbose output it shows with what version of Sysmon the file will be compatible with after creating it.
FileList
- Posh-Sysmon.nuspec
- Config.ps1
- Filters.ps1
- LICENSE
- Posh-Sysmon.psd1
- Posh-SysMon.psm1
- README.md
- en-US\Posh-SysMon.psm1-Help.xml
- Format\Sysmon.ConfigOption.ps1xml
- Format\Sysmon.Rule.Filter.ps1xml
- Format\Sysmon.Rule.ps1xml