    Sysmon v5 Logs


      Has anyone had any luck ingesting Sysmon v5 Logs into the SIEM - if so, how?


      I configured Sysmon on a test server and I see the logs in Applications and Service Logs --> Windows --> Sysmon --> Operational, but I can't seem to configure the receiver to pick these up.


      I'd love to see a content pack for Sysmon logs as these are incredibly valuable.