Our Sysmon integration does not include mappings for some event types introduced since Sysmon v13.10. The current list of events we map to event.category and event.type can be viewed within the pipeline here. A useful blog with sample use cases for each event is available here.
In order to fully support all Sysmon events, the following events should be supported:
This issue will track our progress on adding support for this new event type to our Sysmon integration.