• package: tis-sysmon
  • name: Sysmon
  • version: 15.14-2
  • categories: Utilities,System and network
  • maintainer: WAPT Team,Tranquil IT,Kenan KILICARSLAN,Gaëtan SEGAT
  • editor: Microsoft Sysinternals
  • licence: GPL-3.0
  • locale: all
  • target_os: windows
  • impacted_process: Sysmon
  • architecture: x86
  • signature_date:
  • size: 9.68 MB
  • installed_size: 2.59 MB
  • homepage : https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

package           : tis-sysmon
version           : 15.14-2
architecture      : x86
section           : base
priority          : optional
name              : Sysmon
categories        : Utilities,System and network
maintainer        : WAPT Team,Tranquil IT,Kenan KILICARSLAN,Gaëtan SEGAT
description       : System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log
depends           : 
conflicts         : 
maturity          : PROD
locale            : all
target_os         : windows
min_wapt_version  : 2.0
sources           : https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
installed_size    : 2592768
impacted_process  : Sysmon
description_fr    : System Monitor (Sysmon) est un service système Windows et un pilote de périphérique qui, une fois installé sur un système, reste lors des redémarrages du système pour surveiller et enregistrer l'activité du système dans le journal des événements Windows
description_pl    : Monitor systemu (Sysmon) jest usługą systemową Windows i sterownikiem urządzenia, który po zainstalowaniu w systemie pozostaje w nim po każdym ponownym uruchomieniu, aby monitorować i rejestrować aktywność systemu w dzienniku zdarzeń Windows
description_de    : System Monitor (Sysmon) ist ein Windows-Systemdienst und -Gerätetreiber, der, sobald er auf einem System installiert ist, bei jedem Neustart des Systems aktiv bleibt, um die Systemaktivitäten zu überwachen und im Windows-Ereignisprotokoll zu protokollieren
description_es    : System Monitor (Sysmon) es un servicio del sistema Windows y un controlador de dispositivo que, una vez instalado en un sistema, permanece residente a través de los reinicios del sistema para supervisar y registrar la actividad del sistema en el registro de eventos de Windows
description_pt    : System Monitor (Sysmon) é um serviço de sistema Windows e driver de dispositivo que, uma vez instalado num sistema, permanece residente através de reinicializações do sistema para monitorizar e registar a actividade do sistema no registo de eventos do Windows
description_it    : System Monitor (Sysmon) è un servizio di sistema e un driver di dispositivo di Windows che, una volta installato su un sistema, rimane residente durante i riavvii del sistema per monitorare e registrare l'attività del sistema nel registro eventi di Windows
description_nl    : System Monitor (Sysmon) is een Windows-systeemdienst en apparaatstuurprogramma dat, zodra het op een systeem is geïnstalleerd, tijdens het herstarten van het systeem in het systeem blijft om de systeemactiviteit te controleren en in het Windows-gebeurtenislogboek op te slaan
description_ru    : System Monitor (Sysmon) - это системная служба Windows и драйвер устройства, который, будучи установленным в системе, остается постоянным при всех перезагрузках системы для мониторинга и регистрации активности системы в журнале событий Windows
audit_schedule    : 
editor            : Microsoft Sysinternals
keywords          : device,driver,monitor,service,log
licence           : GPL-3.0
homepage          : https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
package_uuid      : 8b9909b5-2de6-4fe4-b453-68ce901a6fc7
valid_from        : 
valid_until       : 
forced_install_on : 
changelog         : 
min_os_version    : 10
max_os_version    : 
icon_sha256sum    : a5196572c8f3680ec6166ef070c8d843ab8511ffdd2de859adb1f5eed7efb35d
signer            : Tranquil IT
signer_fingerprint: 8c5127a75392be9cc9afd0dbae1222a673072c308c14d88ab246e23832e8c6bb
signature         : O+G8RIEqKAzC6XJhLYjLNEmjzhGOvbcbqaoLIMNXQcNSVwgFPARlbgblqLJscNzEHzK+oX7Mh1yPzFyyl2sNbV/K8SxbLpnpzc4bc6MzFn3FAOJUmqsn4QQaOMOkfTxp53PdtGbOz/h3qXzuXA4abfPpDW4D4+8poEbxArdGS60Vo/pWf79hoeRCaNyXjRJLBgY8jjur9EkUpLoFYBIABmPzcMUIwRyN0YEwG/ZAv8PwWGigdHPUpPut/HvjMeHo+4Z7+9B9ah6fZj/N4XQmfOFYu3rNKEAAOc73+uel6OiJZzIwse2OS3LTtTAUz4BAw7M6pz/XrDVCxAJ3bs29sA==
signature_date    : 2024-02-18T20:00:27.264323
signed_attributes : package,version,architecture,section,priority,name,categories,maintainer,description,depends,conflicts,maturity,locale,target_os,min_wapt_version,sources,installed_size,impacted_process,description_fr,description_pl,description_de,description_es,description_pt,description_it,description_nl,description_ru,audit_schedule,editor,keywords,licence,homepage,package_uuid,valid_from,valid_until,forced_install_on,changelog,min_os_version,max_os_version,icon_sha256sum,signer,signer_fingerprint,signature_date,signed_attributes

# -*- coding: utf-8 -*-
from setuphelpers import *
import time

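# Defining variables
bin_latest_zip = "Sysmon.zip"
silent_args = "-accepteula -i"  # accept the EULA and install the service and driver
silent_args_update = "-c"  # with no configuration file given, Sysmon dumps the current configuration
silent_args_remove = "-u force"  # uninstall the service and driver, even if some components are missing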
app_name = "Sysmon"
app_service = "Sysmon"
app_bin = "Sysmon.exe"
app_unzip = makepath(app_name, app_bin)
app_dir = makepath(systemdrive, "Windows")
app_bin_path = makepath(app_dir, app_bin)


def install():
    # Initializing variables
    package_version = control.version.split("-")[0]

    # Installing the package
    if not service_installed(app_service):
        print("Installing: %s" % app_name)
        install_exe_if_needed(app_unzip, silentflags=silent_args, min_version=package_version)
        time.sleep(120)
        run('"%s" %s' % (app_unzip, silent_args_update))
        # Adding this package to the "list-registry"
        register_windows_uninstall(control)  # control is a PackageEntry object corresponding to this package
    else:
        print("Updating: %s" % app_name)
        install_exe_if_needed(app_unzip, silentflags=silent_args_update, min_version=package_version)
        if not installed_softwares(app_name):
            # Adding this package to the "list-registry"
            register_windows_uninstall(control)  # control is a PackageEntry object corresponding to this package


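def uninstall():
    killalltasks(app_bin)
    # run() raises on an unexpected exit code; its return value is the command output,
    # so it must not be used as a success flag for the cleanup below
    run('"%s" %s' % (app_bin_path, silent_args_remove))
    remove_file(app_bin_path)
    unregister_uninstall(app_name)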


def audit():
    # Check Sysmon Services
    if service_installed(app_service):
        return "OK"
    else:
        return "ERROR"

# -*- coding: utf-8 -*-
from setuphelpers import *

# Defining variables
bin_latest_zip = "Sysmon.zip"
app_name = "Sysmon"
app_bin = "Sysmon.exe"
app_unzip = makepath(app_name, app_bin)


def update_package():
    # Initializing variables
    proxies = get_proxies()
    if not proxies:
        proxies = get_proxies_from_wapt_console()
    url_dl = "https://download.sysinternals.com/files/Sysmon.zip"

    print("Download url is: %s" % url_dl)

    # Downloading latest binaries over HTTPS; the archive is not checked
    # against a known hash or signature in this script
    if not isfile(bin_latest_zip):
        print("Downloading: %s" % bin_latest_zip)
        wget(url_dl, bin_latest_zip, proxies=proxies)

        # Unzip
        unzip(bin_latest_zip)

        # Changing version of the package
        version = get_version_from_binary(app_unzip)
        control.version = "%s-%s" % (version, control.version.split("-", 1)[-1])
        control.save_control_to_wapt()
        print("Changing package version to: %s in WAPT\\control" % control.version)
