Differences

This shows you the differences between two versions of the page.

--- slapdash:windows_logging [2017/04/26 13:12] – mgupton
+++ slapdash:windows_logging [2023/03/21 16:41] (current) – mgupton
@@ Line 1: / Line 1: @@
 ======Windows Logging (Slapdash)======
+<WRAP round info>
+This is a slapdash, slipshod, scattershot, quick-n-dirty, ephemeral article.
+</WRAP>
 ======Terminology======
@@ Line 13: / Line 15: @@
   * [[http://technet.microsoft.com/en-us/library/cc732848(v=ws.10).aspx|wevtutil]]
   * [[http://ss64.com/nt/wevtutil.html]]
+======Specific Events of Note======
+  * [[Windows Administrator Activity Events]]
 ======Listing Log Channels and Publishers======
 ====Enumerate a list of all log channels====
 <code>
@@ Line 405: / Line 411: @@
 reg query hklm\system\currentcontrolset\services\eventlog
 </code>
-======Resources======
-  * [[https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/default.aspx]]
 ======To Explore======
@@ Line 575: / Line 580: @@
 logman query providers
 </code>
+======Resources======
+  * [[https://www.ultimatewindowssecurity.com/|Ultimate Windows Security]]. Randy Franklin Smith's site. Good info for security related logging.
+      * webinars
+      * forum
+  * [[https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/default.aspx]]
+====== Windows Object Auditing ======
+  * #FIM
+  * [[https://github.com/OTRF/Set-AuditRule/blob/master/Set-AuditRule.ps1]]