You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Deploying via (VirtualBox/VMWare/AWS/Azure/ESXi): VirtualBox
Vagrant Version (if applicable): 2.3.2
Hello! I noticed that sysmon event 11, file creation, is not logging for files created under certain directories, such as the user profile on win10.windomain.local or wef.windomain.local. I looked through the sysmon config file located at C:\ProgramData\Sysmon on wef.windomain.local and didn't see any rules that would exclude this.
On Win10, running this command:
...I see the following sysmon log:
However, running the following:
I don't see the log in Splunk or the Event Viewer on Win10.
Any suggestions on what may be causing this?
Thanks, and love the project btw!
The text was updated successfully, but these errors were encountered:
Hello! I noticed that sysmon event 11, file creation, is not logging for files created under certain directories, such as the user profile on win10.windomain.local or wef.windomain.local. I looked through the sysmon config file located at C:\ProgramData\Sysmon on wef.windomain.local and didn't see any rules that would exclude this.
On Win10, running this command:
...I see the following sysmon log:
However, running the following:
I don't see the log in Splunk or the Event Viewer on Win10.
Any suggestions on what may be causing this?
Thanks, and love the project btw!
The text was updated successfully, but these errors were encountered: