Cyberdefense/DeepBlueCLI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Eric Conrad
2017-09-20 10:22:24 -04:00
committed by GitHub
parent 0505507419
commit 17764ac951
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -83,6 +83,9 @@ See 'Logging setup' section below for how to configure these logs
Enable Windows command-line auditing: https://support.microsoft.com/en-us/kb/3004375 Enable Windows command-line auditing: https://support.microsoft.com/en-us/kb/3004375
### Security event 4625 (Failed logons):
Requires auditing logon failures: https://technet.microsoft.com/en-us/library/cc976395.aspx
### PowerShell auditing (PowerShell 5.0): ### PowerShell auditing (PowerShell 5.0):
DeepBlueCLI uses module logging (PowerShell event 4013) and script block logging (4104). It does not use transcription. DeepBlueCLI uses module logging (PowerShell event 4013) and script block logging (4104). It does not use transcription.