http://blogs.technet.com/b/yuridiogenes/archive/2011/06/24/identifying-suspicious-activity-on-your-edge-device-part-2.aspxIntroduction In the first part of this post I explained the scenario and the initial approach for data gathering, in this second part I’m going to discuss the approach to collect data while the incident is happening. Understanding Data Gathering Processen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)