# Workflows
## Event Logging Deployment
```
[Audit current logging configuration] → [Enable Advanced Audit Policy via GPO]
  → [Enable command line logging] → [Increase log sizes]
  → [Configure WEF or agent-based forwarding] → [Verify events in SIEM]
  → [Build detection rules from high-value events] → [Quarterly logging audit]
```