Sysmon_ELSA_Parsers ELSA Parsers for the following Sysmon events: Event ID 1: Process Create Event ID 3: Network Connection Detected Specifically written for use with Security Onion. If used elsewhere, some modification will be needed.