I have been searching for a way to enrich Sysmon EventID 3 (network connection) logs with a Community ID for a long time, and most of the solutions I found are needlessly complex. To achieve that, we will harness the power of Apache NiFi to manipulate, route, and filter Sysmon logs. | threathuntingtails.com
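The enrichment itself, as an added example that is not code from the post: the Community ID v1 computation (seed, canonically ordered 5-tuple, SHA1, base64, "1:" prefix) applied to a Sysmon EventID 3 record, using only the Python standard library. The event dictionary and its addresses and ports are constructed sample data, and the seed defaults to 0 as in the Community ID specification.

```python
import base64
import hashlib
import ipaddress
import struct

# IANA protocol numbers for the Protocol values Sysmon writes in EventID 3.
PROTO_NUMBERS = {"tcp": 6, "udp": 17}


def community_id_v1(src_ip: str, src_port: int, dst_ip: str, dst_port: int,
                    protocol: str, seed: int = 0) -> str:
    """Community ID v1 for a TCP/UDP flow: '1:' + base64(SHA1(seed || ordered 5-tuple))."""
    proto = PROTO_NUMBERS[protocol.lower()]
    saddr = ipaddress.ip_address(src_ip).packed   # 4 bytes (IPv4) or 16 bytes (IPv6)
    daddr = ipaddress.ip_address(dst_ip).packed
    # Canonical ordering so both directions of one flow get the same ID:
    # lower address first; if the addresses are equal, lower port first.
    if (saddr, src_port) > (daddr, dst_port):
        saddr, daddr = daddr, saddr
        src_port, dst_port = dst_port, src_port
    # seed (uint16 BE) || saddr || daddr || proto (uint8) || pad 0x00 || sport || dport (uint16 BE)
    data = (struct.pack("!H", seed) + saddr + daddr
            + struct.pack("!BBHH", proto, 0, src_port, dst_port))
    return "1:" + base64.b64encode(hashlib.sha1(data).digest()).decode("ascii")


def enrich_sysmon_event3(event: dict, seed: int = 0) -> dict:
    """Return a copy of a Sysmon EventID 3 record with a CommunityId field added."""
    enriched = dict(event)
    enriched["CommunityId"] = community_id_v1(
        event["SourceIp"], int(event["SourcePort"]),
        event["DestinationIp"], int(event["DestinationPort"]),
        event["Protocol"], seed)
    return enriched


# Constructed sample EventID 3 record (field names as Sysmon emits them; values made up).
SAMPLE_EVENT = {
    "EventID": 3, "Image": "C:\\Windows\\System32\\svchost.exe", "Protocol": "tcp",
    "Initiated": "true", "SourceIsIpv6": "false", "SourceIp": "10.0.0.5",
    "SourcePort": "49812", "DestinationIsIpv6": "false",
    "DestinationIp": "198.51.100.20", "DestinationPort": "443",
}

if __name__ == "__main__":
    print(enrich_sysmon_event3(SAMPLE_EVENT)["CommunityId"])
```

Because of the canonical ordering, the reply direction of the same connection yields the identical ID, which is what lets the value join Sysmon records against Zeek or Suricata flows.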