We're looking for best practices for active directory log collection.
What are the significant log channels and event ids for AD monitoring?
I don't think RSA has, need to check with MS, or search online...
I don't think RSA has, need to check with MS, or search online...