Jun 01 2021
- last edited on
Apr 08 2022
Hey, I have a handful of agents to deployed to various Windows machines, but one (or a couple) are happily sending heartbeats, System and Application logs, but NOT the Security log?
Jun 02 2021 09:05 AM
The Security Log, in Microsoft Windows, is a log that contains records of login/logout activity or other security-related events specified by the system's audit policy. Auditing allows administrators to configure Windows to record operating system activity in the Security Log.
Azure Security: If you have VM hosted in On-Prem or Azure env, the necessary agent deployed to be monitor the Insights and other security events to capture through Azure Security Center where you have package which includes Azure defender plan https://azure.microsoft.com/en-us/pricing/details/azure-defender/
Please explore this Security Center to have monitor all real time threads, exploits and suspicious traffic etc
Jun 02 2021 02:05 PM