Hardening Tips

PowerShell Need Logs

Written by Robbz Olson | Jul 17, 2026 1:18:00 PM

Many vulnerabilities commonly use PowerShell to execute attacks on your system without leaving any traces. Powershell transcription logs are turned off by default on windows. Lets change that...

- Go to your start menu and find "Registry Editor" as admin
- go to this path: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\PowerShell\Transcription
- Either create or open a DWORD called "EnableTranscripting" and set it to 1 

Now you will see powershell transcription logs anytime that anyone (or anything) uses powershell to run commands on your computer! These logs will appear in your documents folder by default. (see image attached) 

(if you want a free guide of other hardening tips like this or a better method of hardening configuration settings email me at hardeningtips@senteon.co😉 )