60 minutes goes by really quickly, and it’s very difficult to cover even very targeted topics in that short amount of time. This definitely applied to my Advanced Data Collection session at System Center Universe Europe 2015. To my knowledge the recording will be up on Channel 9 soon, but links with supporting information on many of the details I covered are also in order and thus … this post.
This was one of the top 3 sessions at SCU Europe. In the demo you showed how to collect data from the Windows event log. Can I find sample code for this anywhere on the web? I’d like to build our own small IDS by monitoring the creation and deletion of local accounts, adding users to a privileged group and installation of services.
Thank you for the kind words. I’ve just added a new post covering this: Local Shutdown Tracking in ConfigMgr.