On a new Windows 10 Client on Virtual Box.
Open up a browser and download Sysmon from learn.microsoft.com
For this example we will learn how to download the latest version at the time this was written.
Sysmon v15.14 > https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon
While that is downloading, we want to get a config file for the installation.
I will be using olaf’s version:
https://github.com/olafhartong/sysmon-modular/blob/master/sysmonconfig.xml
Then download the raw file:
Then after both files are downloaded, we will extract the sysmon download zip into its own file.
Then copy the config file into the newly extracted folder.
Now we open a powershell as administrator, and cd into the extracted sysmon folder, and install sysmon with the newly downloaded configuration, we run this command:
.\Sysmon64.exe -i .\sysmonconfig.xml
If all goes well you will see this output:
and now you should have sysmon running.
You can check by going into “Services” (press windows key and type in services then press enter)
