jessemoore

Sysmon-Modular-Olaf-Install

Sep 8th, 2020 (edited)
  1. #Olafhartlong sysmon-modular
  2. #https://github.com/olafhartong/sysmon-modular
  3. #Run with Admin rights
  4.  
  5. #Using NEW Windows Dev Eval VMWare.
  6.  
  7. # 1. Open the NEW Windows Terminal with ADMIN and select Ubuntu window
  8. #git clone https://github.com/olafhartong/sysmon-modular
  9.  
  10. Invoke-WebRequest https://github.com/olafhartong/sysmon-modular/archive/refs/heads/master.zip -OutFile "Sysmon-Mod.zip"
  11. Expand-Archive -LiteralPath C:\Users\labadmin\Sysmon-Mod.zip -DestinationPath $env:tmp
  12. cd $env:tmp/sysmon-modular-master
  13.  
  14. # 2. Grab the Sysmon_v11.11 from my GDrive
  15. # https://drive.google.com/file/d/1aTYsDic2OZ0DGOCKZWvAw5uvsQE8F-ew/view?usp=sharing
  16.  
  17.  
  18. # 2 ALT.- If you want the newest bleeding edge sysmon
  19. Invoke-WebRequest https://live.sysinternals.com/Sysmon64.exe -OutFile "sysmon.exe"
  20.  
  21. # Put sysmon in the Sysmon_Modular folder
  22.  
  23. # Now create the sysmon config file
  24.  
  25. Set-ExecutionPolicy -Scope CurrentUser Bypass
  26.  
  27. . .\Merge-SysmonXml.ps1
  28.  
  29. Merge-AllSysmonXml -Path ( Get-ChildItem '[0-9]*\*.xml') -AsString | Out-File sysmonconfig.xml
  30.  
  31. # 5. And Install the sysmon_v11.11 with sysmonconfig file
  32. ./sysmon.exe -accepteula -i sysmonconfig.xml
  33.  
  34.  
  35.  
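The steps above, wrapped with the checks a defender wants before and after loading a kernel-level sensor. This is an added example, not part of the paste or of the sysmon-modular project. It assumes the script runs as Administrator with the unpacked sysmon-modular-master folder as the current directory, that the Sysmon binary was saved there as sysmon.exe (so the service is named Sysmon, Sysmon's default of naming the service after the executable), and that Merge-SysmonXml.ps1 is the project's own script; the event channel name Microsoft-Windows-Sysmon/Operational is Sysmon's default.

```powershell
# Added verification wrapper (not from the paste or the sysmon-modular project).
# Assumes: run as Administrator, cwd is the unpacked sysmon-modular-master folder,
# sysmon.exe (the downloaded Sysmon64.exe) sits in that folder, and
# Merge-SysmonXml.ps1 is the project's script. Service and log names are Sysmon defaults.

$ErrorActionPreference = 'Stop'

# 1. Only install a Sysmon binary whose Authenticode signature is valid and Microsoft-signed.
$sig = Get-AuthenticodeSignature -FilePath .\sysmon.exe
if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'Microsoft Corporation') {
    throw "sysmon.exe signature check failed: $($sig.Status) / $($sig.SignerCertificate.Subject)"
}
# Record the hash so the deployed binary can be matched against the build that was vetted.
$hash = (Get-FileHash -Algorithm SHA256 -Path .\sysmon.exe).Hash
Write-Host "sysmon.exe SHA256: $hash"

# 2. Build the config from the numbered rule folders, then confirm it is well-formed XML
#    with a Sysmon root element before handing it to the driver.
. .\Merge-SysmonXml.ps1
Merge-AllSysmonXml -Path (Get-ChildItem '[0-9]*\*.xml') -AsString | Out-File sysmonconfig.xml
$cfg = New-Object System.Xml.XmlDocument
$cfg.Load((Resolve-Path .\sysmonconfig.xml).Path)      # throws on malformed XML
if ($cfg.DocumentElement.Name -ne 'Sysmon') { throw 'merged file is not a Sysmon config' }
$groups = @($cfg.SelectNodes('//RuleGroup')).Count
Write-Host ("config schemaversion {0}, {1} rule groups" -f $cfg.Sysmon.schemaversion, $groups)

# 3. Fresh install, or just push the new config if the service is already present.
$svc = Get-Service -Name 'Sysmon*' -ErrorAction SilentlyContinue
if ($svc) {
    .\sysmon.exe -accepteula -c sysmonconfig.xml
} else {
    .\sysmon.exe -accepteula -i sysmonconfig.xml
}

# 4. Confirm the service is running and events are landing in the Sysmon channel.
$svc = Get-Service -Name 'Sysmon*'
if ($svc.Status -ne 'Running') { throw "Sysmon service state is $($svc.Status)" }
Get-WinEvent -LogName 'Microsoft-Windows-Sysmon/Operational' -MaxEvents 5 |
    Select-Object TimeCreated, Id, ProviderName | Format-Table -AutoSize
```

The signature check matters because the paste offers two download sources (a personal Google Drive share and live.sysinternals.com); verifying the Authenticode chain and recording the SHA256 gives the same assurance regardless of where the file came from. The XML load catches a merge that produced an empty or truncated file, which Sysmon would otherwise reject at install time with a less helpful error.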