Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,132 questions
This should be fixes with today's 13.01 release.
Sysmon 13.0 Config (System Error 1067)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 4%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZG%3C/text%3E%3C/svg%3E)
Zane Gittins
21
Reputation points
Is Sysmon 13.0 backwards compatible with older configs ? Using SwiftOnSecurity's config with Sysmon 13.0 yields an error when trying to start the Sysmon64 service. No errors about the config are thrown when installing Sysmon 13.0, however upon trying to start the service an error occurs.
During the install Sysmon says the configuration file has been validated, but seems to cause issues when starting the service.
Steps to reproduce:
- Download Sysmon 13.0
- Download SwiftOnSecurity config, save as config.xml
- Sysmon64.exe -i config.xml
- net start Sysmon64
"The Sysmon64 service is starting.
The Sysmon64 service could not be started.
A system error has occurred.
System error 1067 has occurred.
The process terminated unexpectedly."
Tested on a fresh Windows 10 install.
Sysinternals