0xbad53c / ossec-sysmon-for-linux-decoder
Rudimentary OSSEC/Wazuh decoder for Sysmon For Linux events. Drop it in /var/ossec/ruleset/decoders, restart OSSEC/Wazuh and start writing detection rules like you would do for Windows events!
License: GNU General Public License v3.0