Sunday, 12 April 2026 @ 06:31 UTC ~13 12,244 130,110

Sysmon

Sysinternals · Microsoft.Sysinternals.Sysmon

System activity monitor

System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log.

winget install --id Microsoft.Sysinternals.Sysmon --exact --source winget

Latest 15.20

Installer type: zip

Architecture Scope Download SHA256
x86 Download 9C7BBA9C88023ABD33188CFF4D3562278E0B7DDCCB7935B6A6530887F9E054B1
x64 Download 9C7BBA9C88023ABD33188CFF4D3562278E0B7DDCCB7935B6A6530887F9E054B1
arm64 Download 9C7BBA9C88023ABD33188CFF4D3562278E0B7DDCCB7935B6A6530887F9E054B1

Details

Homepage
https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon
License
Proprietary
Publisher
Sysinternals
Support
https://learn.microsoft.com/en-us/answers/tags/435/sysinternals
Privacy Policy
https://learn.microsoft.com/en-us/sysinternals/license-terms
Copyright
Copyright (C) 2014-2024 Mark Russinovich & Thomas Garnier Using libxml2. libxml2 is Copyright (C) 1998-2012 Daniel Veillard. All Rights Reserved.
Moniker
sysmon

Tags

sysinternals