Windows 10: Enable built-in process/DLL logging

A short one for the weekend: Windows 10 has a built-in option to log processes and the loading of DLLs and drivers. The option is turned on through a Code Integrity policy.



This can be done from PowerShell using a Code Integrity policy and the ConvertFrom-CIPolicy cmdlet. I came across the relevant information from Matt Graeber the other day via the following tweet.

Code Integrity Policy

Graeber introduced this approach in a sequence of tweets (this one is about user-mode logging). However, this may be old hat for administrators working with these policies.
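
One way to set up such an audit-only Code Integrity policy and read back what it logs. This is an added example, not code from the tweets or from this post. The working folder, the scan path and the function name `Get-CIAuditEvent` are assumptions, and the deployment location shown is the one used for a single, unsigned policy file.

```powershell
#Requires -RunAsAdministrator
# Added example: $WorkDir, $ScanPath and Get-CIAuditEvent are assumed names.
$WorkDir   = 'C:\CIAudit'            # hypothetical working folder
$ScanPath  = 'C:\Windows\System32'   # files matching rules from this scan are NOT logged
$PolicyXml = Join-Path $WorkDir 'AuditPolicy.xml'
$PolicyBin = Join-Path $WorkDir 'SIPolicy.p7b'
$Deployed  = Join-Path $env:windir 'System32\CodeIntegrity\SIPolicy.p7b'

# Do not silently replace a policy that is already deployed on this machine.
if (Test-Path $Deployed) { throw "A policy already exists at $Deployed" }
New-Item -ItemType Directory -Path $WorkDir -Force | Out-Null

# 1. Build a policy XML from a reference path (slow on large folders).
#    -UserPEs includes user-mode binaries, not only kernel drivers.
New-CIPolicy -FilePath $PolicyXml -ScanPath $ScanPath `
             -Level Publisher -Fallback Hash -UserPEs | Out-Null

# 2. Option 0 = Enabled:UMCI (user-mode code integrity),
#    Option 3 = Enabled:Audit Mode (log only, block nothing).
Set-RuleOption -FilePath $PolicyXml -Option 0
Set-RuleOption -FilePath $PolicyXml -Option 3

# Refuse to deploy if audit mode is not present in the XML:
# without it the policy would be enforced instead of only logging.
if (-not (Select-String -Path $PolicyXml -Pattern 'Enabled:Audit Mode' -Quiet)) {
    throw 'Audit mode is not set in the policy; not deploying.'
}

# 3. Convert the XML to the binary form Windows loads.
ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin | Out-Null

# 4. Deploy. The policy takes effect after a restart.
Copy-Item -Path $PolicyBin -Destination $Deployed

# 5. After the restart: event ID 3076 is written for every image load
#    (EXE, DLL, driver) that the policy would have blocked if enforced.
function Get-CIAuditEvent {
    param([int]$MaxEvents = 50)
    Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-CodeIntegrity/Operational'
        Id      = 3076
    } -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message
}
```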
