Log system activity with System Monitor (Sysmon)

by George Chetcuti [Published on 13 Aug. 2014 / Last Updated on 13 Aug. 2014]

Creators of Windows Sysinternals Mark Russinovich and Thomas Garnier announce a new Sysinternals utility that monitors and reports key system activity via the Windows event log.

Windows Sysinternals is a resource of advanced system utilities and technical information for IT Pros and developers. Sysinternals utilities help you manage, troubleshoot and diagnose your Windows systems and applications.

The new tool, Sysmon, monitors and reports key system activity via the Windows event log, including detailed information about process creation, network connections, and changes to file creation timestamps. With Sysmon installed on your systems, you can collect and analyze these events to identify the presence of attackers, and correlate events across your network to track attackers as they move through it.
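As an added example (not part of the original article or of Sysinternals' own material), the PowerShell below reads the three event types described above and ties each network connection back to the process that opened it. It assumes Sysmon is installed with network connection logging enabled and that the session is elevated; the channel name `Microsoft-Windows-Sysmon/Operational` and event IDs 1, 2 and 3 come from Sysmon's documentation rather than this page, and `ConvertTo-SysmonRecord` is a helper name made up for the example.

```powershell
# Added example: correlate Sysmon network connections with their originating process.
# Assumption: Sysmon is installed, network logging is on, and the shell is elevated.
$log   = 'Microsoft-Windows-Sysmon/Operational'   # Sysmon's event log channel
$since = (Get-Date).AddHours(-24)                 # look-back window for the query

function ConvertTo-SysmonRecord {
    # Hypothetical helper: flatten an event's <EventData> fields into one object.
    param([Parameter(ValueFromPipeline)] $LogEvent)
    process {
        $xml = [xml]$LogEvent.ToXml()
        $rec = [ordered]@{ EventId = $LogEvent.Id; TimeCreated = $LogEvent.TimeCreated }
        # Sysmon stores each field as <Data Name="FieldName">value</Data>
        foreach ($d in $xml.Event.EventData.Data) { $rec[$d.Name] = $d.'#text' }
        [pscustomobject]$rec
    }
}

# ID 1 = process creation, ID 2 = file creation time changed, ID 3 = network connection
$events = Get-WinEvent -FilterHashtable @{ LogName = $log; Id = 1, 2, 3; StartTime = $since } `
              -ErrorAction SilentlyContinue | ConvertTo-SysmonRecord

# Index process-creation events by ProcessGuid, which stays unique even when PIDs are reused.
$procs = @{}
$events | Where-Object EventId -eq 1 | ForEach-Object { $procs[$_.ProcessGuid] = $_ }

# Join every network connection to the command line that started the process.
$events | Where-Object EventId -eq 3 | ForEach-Object {
    $p = $procs[$_.ProcessGuid]
    [pscustomobject]@{
        UtcTime     = $_.UtcTime
        Image       = $_.Image
        User        = $_.User
        Destination = '{0}:{1}' -f $_.DestinationIp, $_.DestinationPort
        # The process may have started before the look-back window began.
        CommandLine = if ($p) { $p.CommandLine } else { '<process start not in window>' }
    }
} | Sort-Object UtcTime | Format-Table -AutoSize -Wrap

# List file creation timestamp changes with the old and new values side by side.
$events | Where-Object EventId -eq 2 |
    Select-Object UtcTime, Image, TargetFilename, PreviousCreationUtcTime, CreationUtcTime |
    Format-Table -AutoSize -Wrap
```

To correlate across hosts, run the same query against events forwarded to a central collector and add the source computer name to each record.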

Download and read more about Sysmon here: http://technet.microsoft.com/en-us/sysinternals/dn798348
