Platform
Gravwell vs. Splunk
Alongside your SIEM
For Security Lakes
For Threat Hunting
Technology
Integrations
Why Gravwell
Gravwell -vs- Legacy SIEM
Featured Resource
Compare Now
Pricing
Resources
Blog
Video Library
PDFs & White Papers
News Room
Documentation
Support
Gravwell Academy
Gravwell Overview
Featured Resource
Learn more
Company
Team
About Gravwell
Careers
Contact Us
Gravwell Upgrades CE
Featured Press Release
Gravwell Upgrades Community Edition to help users explore and gather deeper insights about their data at no additional cost.
Read Press Release
Platform
Gravwell vs. Splunk
Alongside your SIEM
For Security Lakes
For Threat Hunting
Technology
Integrations
Why Gravwell
Gravwell -vs- Legacy SIEM
Featured Resource
Compare Now
Pricing
Resources
Blog
Video Library
PDFs & White Papers
News Room
Documentation
Support
Gravwell Academy
Gravwell Overview
Featured Resource
Learn more
Company
Team
About Gravwell
Careers
Contact Us
Gravwell Upgrades CE
Featured Press Release
Gravwell Upgrades Community Edition to help users explore and gather deeper insights about their data at no additional cost.
Read Press Release
resources
Collect, Search, and Analyze Windows and Sysmon Events
What Will You Learn:
A general overview of the common Sysmon Event IDs and how to interrogate the data with queries.
Why you may want to set up a configuration file to ingest everything, and when are you ready to make that substantial change.
How to improve your search techniques and even chart process creation grouped by EXE + Computer or even search for a specific EXE.
Reasons to Watch:
You're required to see how often processes are created and which ones are the most frequent.
You are a Threat Hunter and you need to get to the root cause analysis.
You plan to deploy Sysmon in your enterprise but don't have a collector or forwarding setup.
Topics:
Video
,
Webinar
Back to Resources
TOP
