I am a Newbie to Splunk and working on monitoring the BitLocker process. I wondered if I could leverage any Windows Security logs to check whether the BitLocker was enabled by someone to encrypt files or disks. Also, I wanted to monitor if anyone deleted the BitLocker Recovery key on ActiveDirectory.