YoVDO

Windows Event Logs - Zero to Hero

Offered By: YouTube

Tags

Conference Talks Courses PowerShell Courses Active Directory Courses Windows Event Logs Courses

Course Description

Overview

Explore Windows Event Logs in-depth through this comprehensive conference talk from Bloomcon 2017. Delve into topics such as Windows Event Forwarding, log volume management, and the implementation of a Cuckoo Malware Lab. Learn about the differences between alerting and exploring logs, analyze real-world examples like the Deep Panda sample, and understand the importance of monitoring local admin additions. Discover Event Tracing for Windows, PowerShell logging, and Active Directory monitoring techniques. Gain insights into monitoring your monitoring systems, and receive valuable one-offs, gotchas, and recommendations from experts Nate Guagenti and Adam Swan. Enhance your cybersecurity skills and learn how to leverage Windows Event Logs effectively in this informative 56-minute presentation.

Syllabus

Intro
Windows Event Logs? Really?
Windows Event Forwarding
How many logs (EPS) are we talking about?
Description of our Cuckoo Malware Lab
Alerting vs. Exploring
Continued... (Deep Panda Sample)
Adding Local Admin
Event Tracing for Windows
PowerShell
AD: Right to Control All Users
Monitoring Your Monitoring
One-offs, Gotchas, and Recommendations
Questions?


Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube
Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube
Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube
What's New in Grails 2.0
ChariotSolutions via YouTube
Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube