Hi Team,
Couple of mid-servers are triggering Discovery Command - "net" localgroup administrators. I want to confirm whether its legitimate activity or suspicious one.
I am not sure how/why this command has been triggered time to time as I couldn't find any related command in mid server logs. Any input would be helpful.
#mid-server commands
