Posh-Sysmon

0.7.5

Module for the creation and managing of Sysinternal Sysmon configuration XML files.

Minimum PowerShell version

3.0

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name Posh-Sysmon -RequiredVersion 0.7.5

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name Posh-Sysmon -Version 0.7.5

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

cperez

Copyright

Package Details

Author(s)

Carlos Perez carlos_Perez@darkoperator.com

Functions

Get-SysmonHashingAlgorithm Get-SysmonRule New-SysmonConfiguration New-SysmonDriverLoadFilter New-SysmonFileCreateFilter New-SysmonImageLoadFilter New-SysmonNetworkConnectFilter New-SysmonProcessCreateFilter New-SysmonProcessTerminateFilter Remove-SysmonRule Remove-SysmonRuleFilter Set-SysmonHashingAlgorithm Set-SysmonRule Get-SysmonEventData Get-SysmonRuleFilter New-SysmonProcessAccessFilter New-SysmonFileCreateStreamHashFilter New-SysmonRegistryFilter New-SysmonPipeFIlter

Dependencies

This module has no dependencies.

Release Notes

Version 0.7.5
* Support for Schema 3.3 of Sysmon v6.
* New function New-SysmonPipeEvent for filtering for named pipeline cration and connection events.
* Support of PipeEvent in config creation and event type functions.
* Several bug fixes on filtering functions when give an array of values.

FileList

Posh-Sysmon.nuspec
Config.ps1
Filters.ps1
LICENSE
Posh-Sysmon.psd1
Posh-SysMon.psm1
README.md
sysmon3_3_DTD.xml
docs\Get-SysmonEventData.md
docs\Get-SysmonHashingAlgorithm.md
docs\Get-SysmonRule.md
docs\Get-SysmonRuleFilter.md
docs\New-SysmonConfiguration.md
docs\New-SysmonDriverLoadFilter.md
docs\New-SysmonFileCreateFilter.md
docs\New-SysmonFileCreateStreamHash.md
docs\New-SysmonFileCreateStreamHashFilter.md
docs\New-SysmonImageLoadFilter.md
docs\New-SysmonNetworkConnectFilter.md
docs\New-SysmonPipeEvent.md
docs\New-SysmonPipeFilter.md
docs\New-SysmonProcessAccessFilter.md
docs\New-SysmonProcessCreateFilter.md
docs\New-SysmonProcessTerminateFilter.md
docs\New-SysmonRegistryEvent.md
docs\New-SysmonRegistryFilter.md
docs\Remove-SysmonRule.md
docs\Remove-SysmonRuleFilter.md
docs\Set-SysmonHashingAlgorithm.md
docs\Set-SysmonRule.md
en-US\Posh-SysMon-help.xml
en-US\Posh-SysMon.psm1-Help.xml
Format\Sysmon.ConfigOption.ps1xml
Format\Sysmon.Rule.Filter.ps1xml
Format\Sysmon.Rule.ps1xml

Version History

Version	Downloads	Last updated
1.2	2,480	9/21/2018
1.1	226	3/5/2018
1.0	22	3/4/2018
0.7.5 (current version)	401	2/20/2017
0.7.3	122	11/20/2016
0.7.2	89	8/25/2016
0.7.1	30	8/16/2016
0.7	20	8/15/2016
0.6	30	7/29/2016
0.5.1	105	2/25/2016
0.4	66	11/4/2015