TryHackMe Sysmon Write-Up

<p>We will be doing the&nbsp;<a href="https://tryhackme.com/room/sysmon" rel="noopener ugc nofollow" target="_blank">Sysmon</a>&nbsp;room this time. I don&rsquo;t know much about Sysmon except that it usually runs in the background and helps log events for us, similar to Windows Event Manager. I believe its logging is a bit more comprehensive, which is why it&rsquo;s useful to check these logs when using our SIEMs. Let&rsquo;s get started! As always, I&rsquo;ll document any external sources I used while doing these labs.</p>
<p>Task 3 Installing and Preparing Sysmon</p>
<p>I will be RDPing into the machine instead of downloading the files onto my host machine. I recently created an RDP guide, since we RDP a lot, because I thought it would be nicer to keep the RDP steps in one post instead of rewriting them every time. It&rsquo;s located&nbsp;<a href="https://medium.com/@laupeiip/how-to-rdp-into-a-tryhackme-windows-machine-with-your-kali-vm-f637cf7422d1" rel="noopener">here</a>. Please check it out!</p>
<p><a href="https://medium.com/@laupeiip/tryhackme-sysmon-write-up-50a7043c86cf"><strong>Website</strong></a></p>