How to create a AD Lookup script and forward to GrayLog

I am fairly new to PS scripting so I will be relying heavily on scripts made by the community or just learning myself, but am on a time constraint. I need to create a PS script for a SIEM environment my team is developing that would forward multiple domains Active Directory Administrative Data (logon attempts, config changes, policy changes, password changes…so on) on an automatic basis to a logging platform such as Graylog. Any help is greatly appreciated. I will also be looking through online sources for tips.

Edit: I would like this to be extracted as a .CSV to import to the syslog solution

submitted by /u/boddam
[link] [comments]

Leave a Reply