We are in the process of deploying Elastic Agent on all client OS. We intend to capture Windows Event logs, focused mainly on Security events, which would be used for our SIEM. Are there any standard filters that can be applied so that unwanted events can be ignored? Is there any standard SIEM thumb rule for capturing Windows event logs?