Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
Why do you think that https://github.com/mandiant/commando-vm is a good alternative to Event-Forwarding-Guidance