Ok so i’ve been showing how alot of things do NOT get audited in Windows out of the box (on Twitter obviously) so I thought I’d export the CSV which you can import to enable some of the advanced logging features into a GPO without so many clicks (RSA sucks!)

So here is a CSV file that you can use to import! this isn’t everything you need to do, but it’s a start!

We’ll update more but go check out the Micosoft Security Baselines and CIS baselines for more details!

Also check out the NCSC guidance on logging:

and the LME (Logging made ez)

There’s so many resources there’s no excuse to not be logging!

Leave a Reply