Using PowerShell to read Sysmon events

If you install Sysmon as a service, it starts logging events into the Windows Event Log. These events are stored in a binary format (EVTX), so extracting them takes a little more than opening a text file.

You can use PowerShell to read these events with the following command:

Get-WinEvent -FilterHashtable @{LogName="Microsoft-Windows-Sysmon/Operational"} | Select-Object -Property TimeCreated,Id,Message -First 5 | Format-List

The above command and filters show you the last 5 events logged (Get-WinEvent returns records newest first, so -First 5 picks the most recent ones). Bear in mind that what goes into this event log is controlled by the Sysmon XML configuration file. Hence, if you are not seeing something you expect in the Windows Event Log, you may need to tweak the Sysmon configuration.
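The Message property is a rendered string, which is awkward to filter or pivot on. The following is an added example (not code from the original post) that reads Sysmon records the same way via Get-WinEvent, but pulls the individual fields out of each record's XML payload instead, so that process-creation events (Sysmon event ID 1) can be queried by Image, CommandLine or ParentImage. The function name Get-SysmonEvent and its parameters are my own; it assumes Sysmon is installed and that the shell runs elevated, since reading this log requires administrator rights.

```powershell
# Added example, not from the original post. Assumes Sysmon is installed and the
# session is elevated (the Sysmon operational log is not readable by standard users).
function Get-SysmonEvent {
    param(
        [int[]]$Id = 1,        # Sysmon event ID(s): 1 = process creation, 3 = network connection, ...
        [int]$MaxEvents = 20   # how many of the most recent matching records to return
    )

    # Same log as in the one-liner above; the Id key narrows the query on the server side,
    # which is much faster than filtering after the fact with Where-Object.
    $filter = @{
        LogName = 'Microsoft-Windows-Sysmon/Operational'
        Id      = $Id
    }

    Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents | ForEach-Object {
        # Each record carries its fields as <Data Name="..."> elements inside <EventData>;
        # flattening them into properties avoids parsing the rendered Message text.
        $xml   = [xml]$_.ToXml()
        $props = [ordered]@{ TimeCreated = $_.TimeCreated; Id = $_.Id }
        foreach ($d in $xml.Event.EventData.Data) {
            $props[$d.Name] = $d.'#text'
        }
        [pscustomobject]$props
    }
}

# Usage: the 20 most recent process-creation events, showing who launched what from where.
Get-SysmonEvent -Id 1 -MaxEvents 20 |
    Select-Object TimeCreated, User, Image, CommandLine, ParentImage |
    Format-Table -AutoSize -Wrap
```

Because the output is ordinary objects, the usual pipeline tricks apply: `Where-Object { $_.ParentImage -like '*\winword.exe' }` to review what Office spawned, `Group-Object Image` for a quick frequency count, or `Export-Csv` to hand the data to another tool. If the query returns nothing, Get-WinEvent reports "No events were found"; before assuming a hunt came up empty, check that the Sysmon configuration actually includes a rule for that event ID.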