Ok so i’ve been showing how alot of things do NOT get audited in Windows out of the box (on Twitter obviously) so I thought I’d export the CSV which you can import to enable some of the advanced logging features into a GPO without so many clicks (RSA sucks!)

So here is a CSV file that you can use to import! this isn’t everything you need to do, but it’s a start!

We’ll update more but go check out the Micosoft Security Baselines and CIS baselines for more details!

Also check out the NCSC guidance on logging:

https://www.ncsc.gov.uk/guidance/introduction-logging-security-purposes

and the LME (Logging made ez)

https://www.ncsc.gov.uk/blog-post/logging-made-easy

There’s so many resources there’s no excuse to not be logging!