how to improve poweshell logging in sentinel
![](https://techprofile.blob.core.windows.net/images/YR-6B_VTR0ODyuIJugBgGg.png?8DA7DF)
David Broggy
5,701
Reputation points MVP
any thoughts on how to improve powershell logging in Sentinel, beside enabling advanced powershell auditing and using defender for endpoints?
I just read this (old) article on blue team practices with powershell and I wonder how much of this is now monitored 'out of the box' with defender for endpoint and by enabling/logging advanced powershell windows events?