SysMon

This documentation provides details about the data that can be faked for SysMon logs.

To retrieve generated (fake) data for SysMon logs, use the following capabilities:

from socfaker import SocFaker

sc = SocFaker()

print(sc.logs.windows.sysmon())

SysMon Class

class socfaker.sysmon.SysMon

The SysMon class generates fake sysmon logs for Microsoft Windows operating systems.

Returns:
SysMon: Returns an object containing a get method to retrieve generated sysmon logs

get(count=1)

Returns a list of generated sysmon logs

Args:
count (int, optional): The number of sysmon logs to return. Defaults to 21.
Returns:
list: A list of generated sysmon logs