Sysmon-Watcher provides real-time monitoring for logs generated by Microsoft Sysmon. In addition to monitoring your local system, you can remotely monitor any computer on your network.
- Click here to download the latest release.
- No installation necessary. Simply download and run the application.
- Microsoft Sysmon must be installed.
- If you're new to Sysmon, configurations from SwiftOnSecurity and sysmon-modular are great starting points.
- You must have local administrator rights to read Sysmon logs.
- .NET Framework 4.5 or greater. This is included with Windows 8 and newer.
- Real-time monitoring of Sysmon event logs.
- Watch your local system or remotely monitor any computer on your network.
- Each log field maps to a column.
- Choose the columns you want to see.
- Advanced filtering on any field.