Sysmon Installation on Windows - Single Endpoint

Updated Jan 31, 2024

Install Sysmon on a single endpoint

You can install Sysmon on a single Windows endpoint.


Before you begin


  1. (Optional) Install Sysmon Assistant to help you install the correct version of Sysmon:
    1. Right-click the file, and then click Extract All.
    2. Follow the instructions to install the MSI packages.
  2. Extract the file
  3. Depending on your system, run one of these commands:
    • 32-bit systems:
      sysmon.exe -i -accepteula
    • 64-bit systems:
      sysmon64.exe -i -accepteula

See also