https://github.com/hamsycodes/elasticsearch-using-sysmon

A step-by-step guide for setting up an SIEM using the Elastic Web Portal and Sysmon. You will learn how to generate security events on the windows machine, set up Sysmon on your windows machine. Generate few events by writing few commands on Windows PowerShell and forward records to the SIEM, and query and analyze the logs using Kibana in the SIEM.
https://github.com/hamsycodes/elasticsearch-using-sysmon

cybersecurity elasticsearch elk-stack kibana security sysmon

Last synced: 5 months ago
JSON representation

A step-by-step guide for setting up an SIEM using the Elastic Web Portal and Sysmon. You will learn how to generate security events on the windows machine, set up Sysmon on your windows machine. Generate few events by writing few commands on Windows PowerShell and forward records to the SIEM, and query and analyze the logs using Kibana in the SIEM.

• Host: GitHub
• URL: https://github.com/hamsycodes/elasticsearch-using-sysmon
• Owner: hamsycodes
• Created: 2024-11-25T09:57:05.000Z (7 months ago)
• Default Branch: main
• Last Pushed: 2024-12-08T18:09:11.000Z (7 months ago)
• Last Synced: 2024-12-08T19:22:39.047Z (7 months ago)
• Topics: cybersecurity, elasticsearch, elk-stack, kibana, security, sysmon
• Homepage: https://medium.com/@hamsnoesnothin/elastic-soc-homelab-using-sysmon-321577b5e9d4
• Size: 3.91 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# ElasticSearch-using-Sysmon

A step-by-step guide for setting up an SIEM using the Elastic Web Portal and Sysmon. You will learn how to generate security events on the windows machine, set up Sysmon on your windows machine. Generate few events by writing few commands on Windows PowerShell and forward records to the SIEM, and query and analyze the logs using Kibana in the SIEM.

Below I have pasted the link for the entire blogpost.