Here are the three commands to extract Event logs using PowerShell: using Get-WinEvent, using Get-EventLog, and using wevtutil for raw EVTX logs. You can run these commands in PowerShell or Windows Terminal.
Microsoft adds Event ID 4117 to Group Policy Preferences, showing clearer failures and speeding up troubleshooting.
SIEM and SOAR allow enterprises to collect and correlate log event data but may not be the ideal choice for every organization. Microsoft’s Windows Event Forwarding aggregates system event logs from ...
This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) ...
Microsoft has introduced Event ID 4117 in Windows 11 and Server 2025, replacing cryptic GPP Event ID 4098 errors with ...
Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. The method ...
Two newly discovered vulnerabilities have been found to impact an Internet Explorer-specific Event Log present on operating systems prior to Windows 11. A pair of newly discovered vulnerabilities have ...