EVENT LOG ANALYSIS for SOC Analysts by LetsDefend
During an investigation, Event Logs are examined because they hold a comprehensive record of activity. The "Event Viewer" tool can be used to examine the logs easily.

✔ INTRODUCTION TO EVENT LOG
✔ ANALYSIS SUCCESSFUL LOGON EVENTS
✔ DETECTING BRUTE FORCE
✔ DETECT PERSISTENCE FROM EVENT LOGS