Troubleshooting Sysmon Rules

Testing the final sysmon configuration file is recommended. From the policy, the configuration file can be downloaded. Click on the download button right side of the "Config File Content".

After downloading the file, please copy the file to the "C:\Program Files\THApplications" folder. Then, run the sysmon update command with the downloaded file's name, the command should be like this: "C:\Program Files\THApplications\cyrthwinsys.exe -c <file-name>". The result should not give any errors.

PreviousManaging Sysmon Rules NextImportant Settings

Last updated 5 months ago