Sysmon

Updated Jan 31, 2024

Sysmon

Sysmon is a Windows system service and device driver that monitors and logs system activity. You can use Sysmon on Windows devices to forward relevant logs to Arctic Wolf®. Arctic Wolf Agent uses a specific Sysmon configuration that is optimized for Arctic Wolf. Agent also automatically updates the Arctic Wolf Sysmon configuration.

Topics