Notices: This section not yet converted to new layout. Download stats are rolling back out.

This is not the latest version of Sysmon available.



Package test results have failed.

Private CDN cached downloads available for licensed customers. Never experience 404 breakages again! Learn more...

This package was approved as a trusted package on 4/6/2018.

Monitors and reports key system activity via the Windows event log.

To install Sysmon, run the following command from the command line or from PowerShell:

C:\> choco install sysmon --version 7.01

To upgrade Sysmon, run the following command from the command line or from PowerShell:

C:\> choco upgrade sysmon --version 7.01


  • tools\chocolateyInstall.ps1 Show
    $packageName = 'sysmon'
    $url = ''
    $checksum = '13346e70f9546617d787e2c57c2c98eb4d3f83c8a241c7c0efd107656c71bbaf'
    $checksumType = 'sha256'
    $url64 = "$url"
    $checksum64 = "$checksum"
    $checksumType64 = "checksumType"
    $toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
    Install-ChocolateyZipPackage -PackageName "$packageName" `
                                 -Url "$url" `
                                 -UnzipLocation "$toolsDir" `
                                 -Url64bit "$url64" `
                                 -Checksum "$checksum" `
                                 -ChecksumType "$checksumType" `
                                 -Checksum64 "$checksum64" `
                                 -ChecksumType64 "$checksumType64"

Virus Scan Results

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.


This package has no dependencies.

Package Maintainer(s)

Software Author(s)

  • Mark Russinovich


© Mark Russinovich


Release Notes



  • Automatically built and uploaded by dtgm

Version History

Version Downloads Last updated Status
Sysmon 9.00 966 Sunday, March 3, 2019 approved
Sysmon 7.01 1757 Sunday, February 18, 2018 approved
Sysmon 6.20 375 Tuesday, December 19, 2017 approved
Sysmon 6.10 531 Friday, September 29, 2017 approved
Sysmon 6.02 514 Wednesday, May 24, 2017 approved
Sysmon 6.01 400 Monday, March 13, 2017 approved
Sysmon 6.00 302 Monday, February 20, 2017 approved
Sysmon 5.02 266 Tuesday, February 7, 2017 approved
Sysmon 4.12 328 Thursday, October 20, 2016 approved
Show More

Discussion for the Sysmon Package

Ground rules:

  • This discussion is only about Sysmon and the Sysmon package. If you have feedback for Chocolatey, please contact the google group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or Sysmon, or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.

comments powered by Disqus uses cookies to enhance the user experience of the site.