Microsoft releases Linux version of the Windows Sysmon tool (October 2021)

Microsoft has released a Linux version of the very popular Sysmon system monitoring utility for Windows, allowing Linux administrators to monitor devices for malicious activity.
Today, Microsoft's Mark Russinovich, a cofounder of the Sysinternals utility suite, announced that Microsoft had released Sysmon for Linux as an open-source project on GitHub.
Unlike with Sysmon for Windows, Linux users will be required to compile the program themselves and ensure that they have all the required dependencies, with instructions provided on the project's GitHub page.
Sysmon -i CONFIG FILE. To create your own Sysmon configuration file, you would need to use.
Once started, Sysmon will begin logging events to the /var/log/syslog file.
Sysmon is a powerful tool widely used in Windows environments as part of an organization's security toolbox.