Group coverage
In case you use conventional Energetic Listing instruments, use group coverage to allow PowerShell logging. Open the Group Coverage Administration Console. Create a brand new Group Coverage Object (GPO) or edit an present one. Navigate to Pc Configuration > Administrative Templates > Home windows Parts > Home windows PowerShell. Find the setting “Activate PowerShell Script Block Logging” and set it to Enabled.
Susan Bradley / CSO
This logging permits you to seize the content material of all executed scripts, together with instructions and capabilities.
Intune
Equally in Intune carry out the next steps: Go to Microsoft Intune Admin Middle and discover gadgets. Click on on Home windows gadgets and Configuration. Click on Create, choose New Coverage. Choose Home windows 10 and later, choose Settings Catalog below profile sort, and click on Create. Enter PowerShell Configuration as identify, enter a Description if wanted, and click on Subsequent. Click on Add settings, enter PowerShell within the Seek for a setting bar, and click on Search. Choose Administrative TemplatesWindows ComponentsWindows PowerShell, and click on Choose all these settings, or undergo each and choose these you wish to monitor.
