Sysmon for Linux
I want to carve some time out to explore using the tool; in the meantime I will put some links down here to keep track of posts about it :)
- https://techcommunity.microsoft.com/t5/azure-sentinel/automating-the-deployment-of-sysmon-for-linux-and-azure-sentinel/ba-p/2847054
- https://techcommunity.microsoft.com/t5/azure-sentinel/mitre-att-amp-ck-technique-coverage-with-sysmon-for-linux/ba-p/2858219
- https://medium.com/@olafhartong/sysmon-for-linux-57de7ca48575
Side note: New capability in VirusTotal with Sysmon reporting:
- https://www.microsoft.com/security/blog/2021/10/20/new-microsoft-sysmon-report-in-virustotal-improves-security/