Microsoft has ported Sysmon to Linux and released its source code

Microsoft has ported the Sysmon system activity monitoring service to the Linux platform. On Linux, activity is monitored through the eBPF subsystem, which allows event handlers to run at the kernel level of the operating system. The SysinternalsEBPF library is developed as a separate project and provides the functions needed to build BPF handlers for monitoring system events. The toolkit's code is released under the MIT license, while the BPF programs are under GPLv2. Ready-made RPM and DEB packages for popular Linux distributions are available in the packages.microsoft.com repository.

Sysmon lets you keep a log with detailed information about the creation and termination of processes, network connections and file operations. The log records not only basic information but also the data needed to analyse security events, such as the name of the parent process, hash identifiers of executable files, information about loaded dynamic libraries, the time of creation, access, modification or deletion of files, and records of direct access to processes used to bypass security software. To limit the volume of recorded data, filters can be configured. The log can be written through regular Syslog.
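As an added example of how a defender would consume the log described above (this is not Sysmon's own code or configuration, and the sample lines are constructed rather than captured), the script below parses Sysmon for Linux events forwarded through Syslog, applies a filter that mimics an "exclude" rule on the executable path, and flags process creations whose executable hash is not on an allowlist. It assumes each event arrives as one syslog line carrying an XML `<Event>` document in the Windows event schema, and that ProcessCreate (EventID 1) exposes `Data` fields named `Image`, `ParentImage`, `CommandLine` and `Hashes`; the hash values are dummy placeholders.

```python
# Added example (not code from Sysmon or Microsoft): consuming Sysmon for Linux
# events forwarded through syslog. Assumptions: each event is one syslog line
# carrying an XML <Event> in the Windows event schema, and ProcessCreate
# (EventID 1) carries Data fields named Image, ParentImage, CommandLine, Hashes.
import re
import xml.etree.ElementTree as ET

# Constructed placeholder digests (64 hex characters), not real file hashes.
SHA_LS = "a" * 64
SHA_CURL = "b" * 64

# Constructed sample syslog lines; the last one is an unrelated sshd message.
SAMPLE_LINES = [
    '<14>Oct 14 10:00:01 host sysmon: <Event><System><Provider Name="Linux-Sysmon"/>'
    '<EventID>1</EventID></System><EventData>'
    '<Data Name="UtcTime">2021-10-14 10:00:01.000</Data>'
    '<Data Name="ProcessId">4242</Data>'
    '<Data Name="Image">/usr/bin/ls</Data>'
    '<Data Name="CommandLine">ls -la /tmp</Data>'
    '<Data Name="ParentImage">/bin/bash</Data>'
    f'<Data Name="Hashes">SHA256={SHA_LS}</Data>'
    '</EventData></Event>',
    '<14>Oct 14 10:00:02 host sysmon: <Event><System><Provider Name="Linux-Sysmon"/>'
    '<EventID>1</EventID></System><EventData>'
    '<Data Name="UtcTime">2021-10-14 10:00:02.000</Data>'
    '<Data Name="ProcessId">4243</Data>'
    '<Data Name="Image">/usr/bin/curl</Data>'
    '<Data Name="CommandLine">curl -s http://example.invalid/</Data>'
    '<Data Name="ParentImage">/bin/bash</Data>'
    f'<Data Name="Hashes">SHA256={SHA_CURL}</Data>'
    '</EventData></Event>',
    '<14>Oct 14 10:00:03 host sysmon: <Event><System><Provider Name="Linux-Sysmon"/>'
    '<EventID>3</EventID></System><EventData>'
    '<Data Name="Image">/usr/bin/curl</Data>'
    '<Data Name="DestinationIp">192.0.2.10</Data>'
    '<Data Name="DestinationPort">80</Data>'
    '</EventData></Event>',
    '<14>Oct 14 10:00:04 host sshd[917]: Accepted publickey for alice from 192.0.2.5',
]

EVENT_RE = re.compile(r"<Event>.*</Event>")


def parse_sysmon_line(line):
    """Return the event's fields as a dict, or None if the line is not a Sysmon event."""
    match = EVENT_RE.search(line)
    if match is None:
        return None
    root = ET.fromstring(match.group(0))
    event = {"event_id": int(root.findtext("System/EventID"))}
    for data in root.iter("Data"):
        event[data.get("Name")] = data.text or ""
    return event


def parse_hashes(field):
    """Split a 'SHA256=...,MD5=...' field into {algorithm: lowercase digest}."""
    hashes = {}
    for part in field.split(","):
        algo, _, value = part.partition("=")
        if value:
            hashes[algo.strip().upper()] = value.strip().lower()
    return hashes


def parse_events(lines, event_id=None):
    """Parse all Sysmon events, optionally keeping only one EventID."""
    events = []
    for line in lines:
        event = parse_sysmon_line(line)
        if event is not None and (event_id is None or event["event_id"] == event_id):
            events.append(event)
    return events


def apply_exclude_filter(events, excluded_images):
    """Mimic a Sysmon 'exclude' rule on Image: drop noisy known-good binaries."""
    return [event for event in events if event.get("Image") not in excluded_images]


def flag_unknown_hashes(events, allowed_sha256):
    """Detection: ProcessCreate events whose executable digest is not allowlisted."""
    flagged = []
    for event in events:
        if event["event_id"] != 1:
            continue
        sha256 = parse_hashes(event.get("Hashes", "")).get("SHA256")
        if sha256 not in allowed_sha256:
            flagged.append((event.get("Image"), event.get("ParentImage"), sha256))
    return flagged


if __name__ == "__main__":
    process_creates = parse_events(SAMPLE_LINES, event_id=1)
    kept = apply_exclude_filter(process_creates, {"/usr/bin/ls"})
    for image, parent, sha256 in flag_unknown_hashes(kept, {SHA_LS}):
        print(f"unexpected binary {image} (sha256 {sha256[:12]}...) spawned by {parent}")
```

The exclude step is applied before the hash check for the same reason Sysmon filters exist in the first place: dropping known-good, high-volume events early keeps the downstream detection cheap and its output readable.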

Source: opennet.ru
