JPCERTCC / LogonTracer

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Can we use LogonTracer in a large company? #53

Open Manoubi88 opened 5 years ago

Manoubi88 commented 5 years ago

Can we use LogonTracer to monitor logs in a company that generates a 1 GB (300k-event) evtx file per hour?

allamiro commented 4 years ago

You should start by testing it in a test environment before moving to a production environment, and report any issues you have here. As for me, I'm planning to test it; I'm especially interested in how filtering works, meaning how you can filter specific event IDs and fields using this.
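One practical way to approach both questions in this thread (volume, and filtering by event ID and field) is to pre-filter the export down to logon-related records before it reaches any analysis tool. The following is an added example, not LogonTracer's own code and not something posted by either commenter. It assumes the input is an XML dump with a root `<Events>` element holding standard-namespace `<Event>` records (the layout python-evtx's `evtx_dump.py` produces; `wevtutil` output would need wrapping in a root element first), and the event-ID set and field names it keeps are this example's own choices, not a list taken from the project. The sample dump is constructed, not real telemetry.

```python
# Added example (not LogonTracer code): stream a Security-log XML dump and keep
# only logon-related records, so a large export is cut down before analysis.
# Assumed input format: an XML file with a root <Events> element containing
# <Event> records in the standard Windows event namespace, as produced by
# python-evtx's evtx_dump.py (wevtutil output can be wrapped in <Events> by hand).
import io
import xml.etree.ElementTree as ET
from collections import Counter

EVT_NS = "http://schemas.microsoft.com/win/2004/08/events/event"
NS = {"e": EVT_NS}
EVENT_TAG = f"{{{EVT_NS}}}Event"

# Assumption: the logon-related Security event IDs worth keeping for logon tracing
# (successful/failed logon, Kerberos TGT/ST requests, NTLM auth, special privileges).
LOGON_EVENT_IDS = frozenset({4624, 4625, 4768, 4769, 4776, 4672})

# EventData field names as they appear in the Security log; missing fields become "".
KEEP_FIELDS = ("TargetUserName", "TargetDomainName", "LogonType", "IpAddress", "Status")


def iter_logon_events(stream, event_ids=LOGON_EVENT_IDS, fields=KEEP_FIELDS):
    """Yield one dict per <Event> whose EventID is in event_ids.

    iterparse reads the file incrementally and each finished <Event> is cleared
    and detached from the root, so memory stays bounded on multi-gigabyte dumps.
    """
    root = None
    for event, elem in ET.iterparse(stream, events=("start", "end")):
        if event == "start":
            if root is None:
                root = elem  # remember the document root so finished records can be dropped
            continue
        if elem.tag != EVENT_TAG:
            continue  # only act once a whole <Event> subtree has been parsed
        eid_node = elem.find("e:System/e:EventID", NS)
        eid_text = (eid_node.text or "").strip() if eid_node is not None else ""
        if eid_text.isdigit() and int(eid_text) in event_ids:
            ts = elem.find("e:System/e:TimeCreated", NS)
            computer = elem.find("e:System/e:Computer", NS)
            data = {d.get("Name"): (d.text or "") for d in elem.findall("e:EventData/e:Data", NS)}
            record = {
                "EventID": int(eid_text),
                "TimeCreated": ts.get("SystemTime", "") if ts is not None else "",
                "Computer": computer.text if computer is not None and computer.text else "",
            }
            record.update({f: data.get(f, "") for f in fields})
            yield record
        elem.clear()
        if root is not None and root is not elem:
            try:
                root.remove(elem)  # assumes <Event> is a direct child of the root
            except ValueError:
                pass


def filter_dump(xml_text, event_ids=LOGON_EVENT_IDS):
    """Wrapper for an in-memory dump; for a file on disk pass open(path, 'rb') to iter_logon_events."""
    return list(iter_logon_events(io.BytesIO(xml_text.encode("utf-8")), event_ids))


def summarize(records):
    """Count kept records per EventID, a quick sanity check on what survived the filter."""
    return dict(Counter(r["EventID"] for r in records))


# Constructed sample dump (not real telemetry): three logon-related records and
# one Filtering Platform event (5156) that the filter should drop.
SAMPLE_DUMP = """<?xml version="1.0" encoding="utf-8"?>
<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4624</EventID>
    <TimeCreated SystemTime="2024-01-10T08:01:02.000000000Z"/><Computer>DC01.corp.example</Computer></System>
  <EventData><Data Name="TargetUserName">alice</Data><Data Name="TargetDomainName">CORP</Data>
    <Data Name="LogonType">3</Data><Data Name="IpAddress">10.0.0.5</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>5156</EventID>
    <TimeCreated SystemTime="2024-01-10T08:01:03.000000000Z"/><Computer>DC01.corp.example</Computer></System>
  <EventData><Data Name="Application">svchost.exe</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4625</EventID>
    <TimeCreated SystemTime="2024-01-10T08:02:10.000000000Z"/><Computer>DC01.corp.example</Computer></System>
  <EventData><Data Name="TargetUserName">bob</Data><Data Name="TargetDomainName">CORP</Data>
    <Data Name="LogonType">3</Data><Data Name="IpAddress">192.168.1.20</Data>
    <Data Name="Status">0xc000006d</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4672</EventID>
    <TimeCreated SystemTime="2024-01-10T08:02:11.000000000Z"/><Computer>DC01.corp.example</Computer></System>
  <EventData><Data Name="SubjectUserName">alice</Data><Data Name="SubjectDomainName">CORP</Data></EventData>
</Event>
</Events>
"""

if __name__ == "__main__":
    kept = filter_dump(SAMPLE_DUMP)
    print(summarize(kept))  # {4624: 1, 4625: 1, 4672: 1}
    for rec in kept:
        print(rec["EventID"], rec["TimeCreated"], rec["TargetUserName"], rec["IpAddress"])
```

The point of the streaming parse is that a 300k-event hourly export never has to fit in memory as a parsed tree; only the records whose IDs you care about are materialized. Changing `event_ids` or `fields` is the filtering knob asked about above, and since the kept records are plain dicts they can be counted, written to CSV, or checked against a baseline before anything is loaded into a graph tool.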