Open kris-watts-gravwell opened 3 months ago
General issue for tracking a generic windows kit.
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/ https://www.xplg.com/windows-server-security-events-list/ https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor
Update...
Added a few more dashboards, playbooks
General issue for tracking a generic windows kit.
Helpful links
https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/ https://www.xplg.com/windows-server-security-events-list/ https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor
Query library stuff
Logoutsnetwork authenticationsDashboards
Playbook
Resources
Next iteration