Investigate suspicious activity by visualizing Sysmon's event log
SysmonSearch makes event log analysis more effective and less time-consuming by aggregating the event logs generated by Microsoft's Sysmon.
SysmonSearch uses Elasticsearch and Kibana (plus a Kibana plugin).
To try SysmonSearch, you can either 1) install the software in your own Linux environment by following the instructions, or 2) use the Docker image:
For details, please check the SysmonSearch wiki.