Sysmon v15.0 & 29 Events

[Achi79]

This update to Sysmon, an advanced host security monitoring tool, sets the service to run as a protected process, hardening it against tampering, adds a new event, FileExecutableDetected, for when new executable images are saved to files, and fixes a system hang occurring in certain situations due to an interaction between network and file system events.

There are now 29 events. Will this config be updated?

I would also like to see this config update to include these new events. The default config that ships with sysmon isn't nearly as powerful as this one.

[jttrey3]

The template has been very helpful, though guidance for the new event IDs would be appreciated.