
Summary
This analytic rule detects the execution of `powershell.exe` with command-line arguments that include `Get-DomainComputer`, a PowerView cmdlet commonly used by attackers for domain enumeration. The detection relies on process and command-line telemetry collected from Endpoint Detection and Response (EDR) solutions. Use of `Get-DomainComputer` can indicate an attacker's intent to map the network and identify critical systems for unauthorized access and data exfiltration. By using Sysmon and Windows Event logs, the rule surfaces instances where PowerShell is used to disclose sensitive configuration details of domain-joined computers, which represents a significant security risk in an enterprise environment.
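The matching logic described above, written out as an added Python example (not the rule's own query or any vendor code) and run over constructed Sysmon Event ID 1 process-creation records; the field names `Image`, `ParentImage` and `CommandLine` are Sysmon's, the sample events are made up, and comparisons are case-insensitive because Windows paths and PowerShell cmdlet names are.

```python
import ntpath
from typing import Dict, List

# Constructed Sysmon records for illustration; not real telemetry.
SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"EventID": "1", "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"powershell.exe -NoProfile -Command Get-DomainComputer -Properties dnshostname"},
    {"EventID": "1", "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r"powershell.exe -NoProfile -Command Get-Date"},
    {"EventID": "1", "Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r"cmd.exe /c echo Get-DomainComputer"},  # wrong image: no alert
    {"EventID": "1", "Image": r"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\POWERSHELL.EXE",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"POWERSHELL.EXE -c get-domaincomputer -Ping"},  # mixed case: alert
    {"EventID": "3", "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": ""},  # network-connection event, not process creation: skipped
]

TECHNIQUE = "T1018"  # ATT&CK: Remote System Discovery, as tagged on the rule


def is_match(event: Dict[str, str]) -> bool:
    """True when a process-creation event shows powershell.exe launched
    with Get-DomainComputer anywhere in its command line."""
    if event.get("EventID") != "1":
        return False
    image = ntpath.basename(event.get("Image", "")).lower()
    cmdline = event.get("CommandLine", "").lower()
    return image == "powershell.exe" and "get-domaincomputer" in cmdline


def run_rule(events: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Apply the rule to a batch of events and return one alert per hit,
    carrying the fields an analyst needs for triage."""
    alerts = []
    for ev in events:
        if is_match(ev):
            alerts.append({
                "technique": TECHNIQUE,
                "image": ev["Image"],
                "parent_image": ev.get("ParentImage", ""),
                "command_line": ev["CommandLine"],
            })
    return alerts


if __name__ == "__main__":
    for alert in run_rule(SAMPLE_EVENTS):
        print(alert)
```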
Categories
- Endpoint
- Windows
Data Sources
- Process
- Windows Registry
- Application Log
ATT&CK Techniques
- T1018
Created: 2024-11-13