Author: GraniteRob
Subject: sysmon log registered for psloglist?
Posted: 29 August 2014 at 5:17pm
I'd like to query the sysmon log:
"Applications and Services Logs/Microsoft/Windows/Sysmon/Operational"
with PSLoglist.
On my windows 7 machine, I can see (psloglist -z):
Question: How do I register this log so that psloglist can gain access to its contents?
Thanks -
Rob
Subject: sysmon log registered for psloglist?
Posted: 29 August 2014 at 5:17pm
I'd like to query the sysmon log:
"Applications and Services Logs/Microsoft/Windows/Sysmon/Operational"
with PSLoglist.
On my windows 7 machine, I can see (psloglist -z):
Event logs available on <computername>:According to psloglist, these are the event logs 'registered' on my computer. Sysmon/Operational is not (yet) included in this list.
ActivationClientLibrary
Application
Cisco AnyConnect Secure Mobility Client
Dell
HardwareEvents
Internet Explorer
Key Management Service
Media Center
ODiag
OSession
Security
Symantec Enterprise Vault
Symantec Enterprise Vault Converters
System
Windows PowerShell
Question: How do I register this log so that psloglist can gain access to its contents?
Thanks -
Rob