A Python-based GUI application for viewing and analyzing Sysmon events on Windows systems. This application provides a user-friendly interface to monitor and analyze system activity captured by Microsoft's Sysmon utility.
- View Sysmon events in a tabular format with sorting and filtering
- Filter events by type, time range, and search terms
- View detailed event information
- Export events to CSV for further analysis
- Dashboard with event statistics
- Modern, responsive UI built with PyQt5
- Windows operating system
- Python 3.7 or higher
- Sysmon installed and running on the system
- Administrative privileges (for reading Sysmon logs)
- Clone or download this repository
- Install the required dependencies: `pip install -r requirements.txt`
- Ensure Sysmon is installed and running on your system
- Run the application: `python sysmon_gui.py`
Use the filter controls at the top to filter events:
- Select an event type from the dropdown
- Choose a time range
- Enter search terms to find specific events
- Click "Apply Filters" to update the view
- Double-click on any event to view its details
- Use the "Export" button to save events to a CSV file
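The filter and export steps above, as an added stand-alone example that is not the project's own code: it parses Sysmon events in the XML shape that `wevtutil qe Microsoft-Windows-Sysmon/Operational /f:xml` (or `win32evtlog.EvtRender`) returns, applies the same event-type, time-range and search filters, and writes CSV. The two sample records are constructed for illustration.

```python
import csv
import io
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample records (a process creation, ID 1, and a network connection, ID 3)
SAMPLE_XML = [
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System>'
    '<EventID>1</EventID><TimeCreated SystemTime="2024-05-01T12:00:00.1234567Z"/></System>'
    '<EventData><Data Name="Image">C:\\Windows\\System32\\cmd.exe</Data>'
    '<Data Name="CommandLine">cmd.exe /c whoami</Data></EventData></Event>',
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System>'
    '<EventID>3</EventID><TimeCreated SystemTime="2024-05-01T12:05:00Z"/></System>'
    '<EventData><Data Name="Image">C:\\Windows\\System32\\svchost.exe</Data>'
    '<Data Name="DestinationPort">443</Data></EventData></Event>',
]

def parse_time(s):
    """Windows stamps use 100 ns ticks (7 fraction digits) and a trailing Z; trim to microseconds."""
    base, _, frac = s.rstrip("Z").partition(".")
    micro = int((frac + "000000")[:6]) if frac else 0
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(microsecond=micro, tzinfo=timezone.utc)

def parse_event(xml_text):
    """Flatten one rendered event into a dict: EventID, Time, plus every EventData field."""
    root = ET.fromstring(xml_text)
    row = {"EventID": int(root.findtext("e:System/e:EventID", namespaces=NS)),
           "Time": parse_time(root.find("e:System/e:TimeCreated", NS).get("SystemTime"))}
    for d in root.findall("e:EventData/e:Data", NS):
        row[d.get("Name")] = d.text or ""
    return row

def filter_events(events, event_id=None, start=None, end=None, search=None):
    """The three filters the GUI exposes: event type, time range (inclusive), case-insensitive search."""
    keep = []
    for ev in events:
        if event_id is not None and ev["EventID"] != event_id: continue
        if (start and ev["Time"] < start) or (end and ev["Time"] > end): continue
        if search and not any(search.lower() in str(v).lower() for v in ev.values()): continue
        keep.append(ev)
    return keep

def to_csv(events):
    """CSV with a stable header (Time, EventID, then sorted fields); missing fields are left blank."""
    fixed = ["Time", "EventID"]
    columns = fixed + sorted({k for ev in events for k in ev} - set(fixed))
    buf = io.StringIO()
    w = csv.DictWriter(buf, fieldnames=columns, lineterminator="\n")
    w.writeheader()
    for ev in events:
        w.writerow({**ev, "Time": ev["Time"].isoformat()})
    return buf.getvalue()
```

Different Sysmon event types carry different EventData fields, which is why the header is built from the union of fields across the exported rows.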
This project is licensed under the MIT License - see the LICENSE file for details.
- Microsoft Sysinternals for the Sysmon utility
- PyQt5 for the GUI framework