PowerShell makes it easy to reshape event log data into a format that tools like Logstash, Elasticsearch, and Kibana can consume. JSON is a commonly used format. Once the event data has been converted, most GUI-based SIEMs have a simple method for uploading the resulting JSON file. However, that will not be demonstrated here, as it is outside the scope of this class.
=== ConvertTo-JSON
The ConvertTo-Json cmdlet takes walls of Windows event log text and places them into a format that can be indexed by the aforementioned tools.
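
The conversion described above, as an added example that is not part of the original class material: it exports recent logon events as one JSON object per line, which is the shape most log shippers and bulk importers expect. The log name, event IDs 4624 and 4625, the event count, and the output path are assumptions chosen for illustration.

```powershell
# Added example (not from the original page).
# Assumptions: Security log, event IDs 4624/4625, 200 events, output under $env:TEMP.
# Reading the Security log requires an elevated PowerShell session.
$outFile = Join-Path $env:TEMP 'logon-events.ndjson'   # hypothetical output path

$events = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624, 4625 } `
                       -MaxEvents 200 -ErrorAction SilentlyContinue

$lines = foreach ($e in $events) {
    # The named EventData fields (TargetUserName, IpAddress, ...) are only
    # available through the XML view of the record.
    $xml  = [xml]$e.ToXml()
    $data = [ordered]@{}
    foreach ($d in $xml.Event.EventData.Data) {
        if ($d.Name) { $data[$d.Name] = $d.'#text' }
    }

    [pscustomobject]@{
        # ISO 8601 UTC string. Windows PowerShell 5.1 would otherwise
        # serialize a DateTime as "\/Date(...)\/", which indexers mis-parse.
        '@timestamp' = $e.TimeCreated.ToUniversalTime().ToString('o')
        EventId      = $e.Id
        Channel      = $e.LogName
        Computer     = $e.MachineName
        RecordId     = $e.RecordId
        Level        = $e.LevelDisplayName
        EventData    = $data
    } | ConvertTo-Json -Depth 4 -Compress
    # -Depth: the default of 2 silently flattens deeper objects to strings.
    # -Compress: keeps each event on a single line.
}

if ($lines) {
    # UTF-8 without a BOM. Out-File and ">" in Windows PowerShell 5.1
    # default to UTF-16, which many JSON importers reject.
    [System.IO.File]::WriteAllLines($outFile, [string[]]@($lines))
    Write-Host "Wrote $(@($lines).Count) events to $outFile"
} else {
    Write-Warning 'No matching events were returned.'
}
```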