EventMonitor.Windows

1.0.3

EventMonitor/Telemetry/MonitoringConfig.json

                                {

  "JournalEnabled": false,

  "RetentionDays": 7,

  "Level": "Standard",

  "JournalMinSeverity": "Medium",

  "LogLevel": "Warning",

  "EnabledGroups": [

    "Logon",

    "Logoff",

    "SSH",

    "RDP",

    "AccountManagement",

    "GroupManagement",

    "AuditTampering",

    "Persistence",

    "PersistenceSystem",

    "SystemHealth"

  ]

}