Sysmon Integration
System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to file creation time.
Download Now
Check Process Activity
The EventSentry Web Reports offer a powerful overview on your process traffic. Quickly identify malicious or anamalous activity.
Built-in Reports
If EventSentry is configured to also collect NetFlow data, the data provided by Sysmon can be used to examine the associated network traffic generated by the process. Every row in the Sysmon report provides a link to the NetFlow History report.
Trigger Alerts
| Slack | |
| Trello | |
| Instant Messages | |
| Database | |
| Syslog | |
| SNMP | |
| Run custom Processes | |
| Submit to API | |
| Shutdown or Reboot | |
| Service & Process Control | |
| Text File (ASCII, HTML, CSV) | |
| Sound (play .wav file) | |
| Desktop & RSS |