Deploying Sysmon through Group Policy (GPO) Preferences

In my previous post I explained how to leverage Group Policy Preferences to deploy and update Sysmon configuration in the enterprise. I decided to write a script to automate the entire process.

What do you need in order to run this script?

  • A baseline computer with the following:
    • Sysmon installed and a Sysmon XML configuration file
    • Group Policy Administration tools installed
    • Group Policy editing permissions on the target GPO

All you need to do now is download and execute the script, change the parameters inside the script, and deploy the configuration in your environment (after testing, as always!).

Link to script: https://gallery.technet.microsoft.com/Sysmon-Configuration-2eda6e3d