We have Domain Controllers configured as NTP. My Info Sec department want me to validate that the DCs are indeed configured as such. I did not configure the DCs so I wouldnt know where to check to validate this. Are there certain logs that I can check within the DCs to determine this?
Also, how can I send those logs to Splunk?