EVENT LOG ANALYSIS for SOC Analysts by LetsDefend





During an investigation, Event Logs are examined because they hold a comprehensive record of activity on the system. The “Event Viewer” tool offers a simple way to examine the logs.

✔ INTRODUCTION TO EVENT LOG

✔ ANALYSIS SUCCESSFUL LOGON EVENTS

✔ DETECTING BRUTE FORCE

✔ DETECT PERSISTENCE FROM EVENT LOGS

