cryps1s
commented
6 years ago WinEventLog://AD FS/Admin - All Events WinEventLog://Duo Authentication for AD FS - All Events WinEventLog://AD FS Tracing/Debug - All Events Security - Whitelist for SourceName=^AD FS Auditing$
Add WEF subscription for Active Directory Federated Services operational and debug logs.