Windows protected event logging format

First of all, thanks for the help.

We are considering using PEL to protect Windows logs and we don't know very well how to do the decryption process to incorporate the logs into ELK using Logstash and winlogbeat.

Thanks for everything.

PEL https://blogs.technet.microsoft.com/kfalde/2017/05/13/securing-your-powershell-operational-logs/

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.