Upload files to "3 DC/Agents"

3 DC/Agents/1) DCO_GPO_CUSTOMER.md

@@ -0,0 +1,16 @@
+[sysmon](https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon)
+
+[sysmon config](https://github.com/olafhartong/sysmon-modular)
+
+[inputs for splunk](https://github.com/mdecrevoisier/Splunk-input-windows-baseline/blob/main/splunk-windows-input/win_input.conf)
+
+[splunk universal forwarder](https://www.splunk.com/en_us/download/universal-forwarder.html)
+
+[elastic agent](https://www.elastic.co/downloads/elastic-agent)
+
+
+## Event Logs
+- process tracking #enables CMD logging
+- enable wmi
+- enable powershell remoting
+- [Audit Policy](https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/audit-policy-recommendations)