Log Parser as a Forensic Tool

Offered By: BasisTech via YouTube

Tags

Open Source Digital Forensics Conference (OSDFCon) Courses Cybersecurity Courses Incident Response Courses

Course Description

Overview

Explore the potential of Log Parser as a forensic tool in this 40-minute webinar from the OSDFCon series. Discover how this Microsoft tool can be integrated with open-source solutions to create a fast, lightweight system for collecting operating system data, registry information, and log files. Learn techniques for quickly parsing log files and registry data, and see how Log Parser can be combined with tools from The Sleuth Kit to form a comprehensive, open-source incident response toolkit. Gain insights from Robert Kardell, a former FBI agent with extensive experience in computer crimes and forensics, as he shares his expertise on using Log Parser for forensic investigations. Delve into topics such as command-line tools, SQL queries, file system queries, Log Parser Studio, and batch file analysis. Understand the tool's limitations and explore practical examples, including network list analysis and registry key examination.

Syllabus

Introduction
Robert's Background
Computer forensics
State data breach notification statutes
Resources
Command Line Tool
SQL Query
File System Query
Log Parser Studio
Log Parser Library
LogParser Studio
Query Last Write Time
VB Data Wrapper
Search for Events
Registry
Batch File Analysis
Limitations
Network List Example
Network List Error
Empty Registry Key
Questions
Taught by

BasisTech

Related Courses

Meet the xLeapp Family
BasisTech via YouTube
Decrypting TLS Traffic on the Fly
BasisTech via YouTube
Two Faces to the Same Linux - GUI Environments
BasisTech via YouTube
Chrome Wasn't Built in a Day
BasisTech via YouTube
Velociraptor - Dig Deeper
BasisTech via YouTube