From e7e3e28a80319f622bc2432428db7ee2f9252bd0 Mon Sep 17 00:00:00 2001
From: Sean Wheeler <sean.wheeler@microsoft.com>
Date: Tue, 2 Nov 2021 10:27:34 -0500
Subject: [PATCH] Fix broken link

---
 .../windows-powershell/wmf/whats-new/script-logging.md        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/reference/docs-conceptual/windows-powershell/wmf/whats-new/script-logging.md b/reference/docs-conceptual/windows-powershell/wmf/whats-new/script-logging.md
index c048b566d191..1e978b12bc88 100644
--- a/reference/docs-conceptual/windows-powershell/wmf/whats-new/script-logging.md
+++ b/reference/docs-conceptual/windows-powershell/wmf/whats-new/script-logging.md
@@ -117,7 +117,7 @@ As with all logging systems that have a limited retention buffer, one way to att
 infrastructure is to flood the log with spurious events to hide earlier evidence. To protect
 yourself from this attack, ensure that you have some form of event log collection set up Windows
 Event Forwarding. For more information, see
-[Spotting the Adversary with Windows Event Log Monitoring][report].
+[Use Azure Monitor to integrate with SIEM tools][SIEM].
 
 <!-- link refs -->
-[report]: https://apps.nsa.gov/iaarchive/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
+[SIEM]: https://azure.microsoft.com/blog/use-azure-monitor-to-integrate-with-siem-tools/