Collect, Search, And Analyze Windows & Sysmon Events

In this webinar, we will cover

- A general overview of the common Sysmon Event IDs and how to interrogate the data with queries.
- Why you may want to set up a configuration file to ingest everything, and when are you ready to make that substantial change.
- How to improve your search techniques and even chart process creation grouped by EXE + Computer or even search for a specific EXE.