Hello! I am very interested in turning on Powershell logging in my environment and then sending those logs to Splunk. Any good recommendations for articles / URLs for me to start learning how to do this? Thx
Pursue the Attackers _ Identify and Investigate Lateral Movement Based on Behavior Pattern
check P71 , wineventlog