{
  "name": "Install Sysmon",
  "description": "Install Sysmon on this machine. Will also install Chocolatey.",
  "hosts": ["local", "remote"],
  "role": "elevated",
  "functions": {
    "run": {
      "command": "Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')); choco install sysmon -y; sysmon64 -accepteula -i",
      "method": "invoke"
    }
  }
}