Sysinternals Homepage
Forum Home Forum Home > Sysinternals Utilities > Miscellaneous Utilities
  New Posts New Posts RSS Feed - Sysmon PipeEvent
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Sysmon PipeEvent

 Post Reply Post Reply
Author
Message
Nemo7891 View Drop Down
Newbie
Newbie
Avatar

Joined: 13 July 2017
Status: Offline
Points: 4
Post Options Post Options   Thanks (0) Thanks(0)   Quote Nemo7891 Quote  Post ReplyReply Direct Link To This Post Topic: Sysmon PipeEvent
    Posted: 13 February 2018 at 8:27pm
Has anyone gotten any of the PipeEvent messages to log with Sysmon? I am getting very spotty results. Tried it with 7.01 on Win7 and it worked up until a reboot and now i can't get it to work despite numerous reboots and re-installs. And that was a "good" outcome. On other systems I can't get it to log any relevant events, neither Pipe Connected nor Pipe Created, even though I expect hundreds if not thousands of events. Tried with v6.10 and wasn't able to generate any either. I am trying with a very basic install options:
sysmon -n -i h * -accepteula
and my config is totally sparse:
<Sysmon schemaversion="4.00">
<HashAlgorithms>md5,sha1,sha256,imphash</HashAlgorithms>
<EventFiltering>
<PipeEvent onmatch="exclude">
</PipeEvent>
</EventFiltering>
</Sysmon>

Any suggestions?
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 11.06
Copyright ©2001-2016 Web Wiz Ltd.