https://jean0828.github.io/blog/posts/Monitoring-Powershell-commands-with-Elastic-Stack/