We’ve found that using scripted inputs helps us to capture specific sources in Windows through the use of PowerShell. Powershell can introduce security complications when execution on machines is not managed, specifically in an Enterprise. To enhance this security we tend to choose a script execution policy that requires the scripts to be signed.
By default Splunk Powershell scripts are not signed so we wrote this article to explain how we did it.
Thanks for posting this!