A quick PowerPoint guide to teach teammates, in a 45-minute session, how to install Sysmon from a basic config and capture and export events using Procmon.
Big shout-out to @ABertram for his published work on AdamTheAutomator.
Check out his post for info on some of Procmon's more advanced features, and find my Sysmon config, borrowed heavily (read: entirely) from @SwiftOnSecurity and their pending pull requests, here.