
Collecting Sysmon logs via WinRM

Question asked by Jay Alexander Employee on Sep 10, 2020
Latest reply on Sep 13, 2020 by Jay Alexander

Sysmon service is running and generating events that I see in Event Viewer. I've added the channel Microsoft-Windows-Sysmon/Operational on the Log Collector, but I don't see Sysmon logs in NetWitness Investigate. I see logs from other channels. Is this a parser issue? Any help would be appreciated.
