Microsoft has ported Sysmon to Linux and made it open source

Microsoft has ported the Sysmon system activity monitoring service to the Linux platform. To monitor activity on Linux, it uses the eBPF subsystem, which lets you run handlers that execute at the operating system kernel level. A separate SysinternalsEBPF library is being developed, which includes functions useful for creating BPF handlers that monitor events in the system. The toolkit's code is open under the MIT license, while the BPF programs are under the GPLv2 license. The packages.microsoft.com repository has ready-made RPM and DEB packages suitable for popular Linux distributions.

Sysmon lets you keep a log with detailed information about process creation and termination, network connections, and file manipulations. The log stores not only general information but also information useful for analysing security incidents, such as the parent process name, hashes of the contents of executable files, information about dynamic libraries, information about file creation/access/modification/deletion times, and data on process access to block devices. To limit the volume of data recorded, filters can be configured. The log can be saved through standard Syslog.
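As an added illustration (not part of the original article or of Microsoft's code), the sketch below reads Sysmon events out of syslog lines and uses the parent process name to flag a network service that starts a shell. It assumes each event arrives as one XML `<Event>` on a single syslog line with `Data Name="..."` fields named as in Sysmon's event schema (`Image`, `ParentImage`, `CommandLine`, `ProcessId`); the watch lists and sample lines are constructed for the example.

```python
import re
import xml.etree.ElementTree as ET

EVENT_RE = re.compile(r"<Event>.*</Event>")
PROCESS_CREATE = 1  # Sysmon event ID for process creation
# Hypothetical watch lists for this example; tune them for your hosts.
SERVICES = {"/usr/sbin/nginx", "/usr/sbin/apache2"}
SHELLS = {"/bin/sh", "/bin/bash", "/usr/bin/sh", "/usr/bin/bash"}

def parse_sysmon_line(line):
    """Return (event_id, fields) for a syslog line carrying a Sysmon event, else None."""
    match = EVENT_RE.search(line)
    if match is None:            # other daemon, or event truncated by syslog
        return None
    try:
        root = ET.fromstring(match.group(0))
    except ET.ParseError:        # damaged XML: skip rather than crash the pipeline
        return None
    event_id = root.findtext("./System/EventID", default="")
    if not event_id.isdigit():
        return None
    fields = {d.get("Name"): d.text or "" for d in root.iterfind("./EventData/Data")}
    return int(event_id), fields

def service_spawned_shells(lines):
    """Process-creation events where a watched service is the parent of a shell."""
    hits = []
    for line in lines:
        parsed = parse_sysmon_line(line)
        if parsed is None:
            continue
        event_id, f = parsed
        if (event_id == PROCESS_CREATE and f.get("ParentImage") in SERVICES
                and f.get("Image") in SHELLS):
            hits.append((f.get("ProcessId"), f["ParentImage"], f["Image"], f.get("CommandLine", "")))
    return hits

def _line(event_id, **fields):
    """Build one constructed syslog line (assumed layout, not a real capture)."""
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f"Oct 14 10:01:02 web01 sysmon: <Event><System><EventID>{event_id}</EventID>"
            f"</System><EventData>{data}</EventData></Event>")

SAMPLE = [  # constructed test data
    _line(1, ProcessId="4321", Image="/usr/bin/sh", CommandLine="sh -c id", ParentImage="/usr/sbin/nginx"),
    "Oct 14 10:01:03 web01 sshd[911]: Accepted publickey for admin from 192.0.2.10 port 50522 ssh2",
    _line(1, ProcessId="4400", Image="/usr/bin/ls", CommandLine="ls", ParentImage="/usr/bin/bash"),
    _line(5, ProcessId="4321", Image="/usr/bin/sh"),
    _line(1, ProcessId="4500", Image="/usr/bin/sh", ParentImage="/usr/sbin/nginx")[:80],  # truncated
]

if __name__ == "__main__":
    for hit in service_spawned_shells(SAMPLE):
        print("service spawned shell:", hit)
```

Lines that are cut short or carry damaged XML are skipped rather than raised, so one bad record does not stop the scan.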

Source: opennet.ru
