Skip to content

Instantly share code, notes, and snippets.

@Kyleslav

Kyleslav/install_sysmon.bat

Created July 21, 2020 16:57
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Raw
install_sysmon.bat
@ECHO OFF
if not exist "c:\windows\sysmon\" mkdir "c:\windows\sysmon\"
fc c:\windows\sysmon\sysmon_config.xml "\\NETWORK_PATH\sysmon\sysmon_config.xml" > nul
If "%ERRORLEVEL%" GEQ "1" (
copy /z /y "\\NETWORK_PATH\sysmon\sysmon_config.xml" "C:\windows\sysmon\"
sysmon64 -c c:\windows\sysmon\sysmon_config.xml
sc query "Sysmon64" | Find "RUNNING"
If "%ERRORLEVEL%" EQU "1" (
goto startsysmon
)
:startsysmon
net start Sysmon64
If "%ERRORLEVEL%" EQU "1" (
goto installsysmon
)
:installsysmon
"\\NETWORK_PATH\sysmon\sysmon64.exe" -accepteula -i c:\windows\sysmon\sysmon_config.xml
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment