Windows Event Logs - Zero to Hero
Offered By: YouTube
Course Description
Overview
Explore Windows Event Logs in-depth through this comprehensive conference talk from Bloomcon 2017. Delve into topics such as Windows Event Forwarding, log volume management, and the implementation of a Cuckoo Malware Lab. Learn about the differences between alerting and exploring logs, analyze real-world examples like the Deep Panda sample, and understand the importance of monitoring local admin additions. Discover Event Tracing for Windows, PowerShell logging, and Active Directory monitoring techniques. Gain insights into monitoring your monitoring systems, and receive valuable one-offs, gotchas, and recommendations from experts Nate Guagenti and Adam Swan. Enhance your cybersecurity skills and learn how to leverage Windows Event Logs effectively in this informative 56-minute presentation.
Syllabus
Intro
Windows Event Logs? Really?
Windows Event Forwarding
How many logs (EPS) are we talking about?
Description of our Cuckoo Malware Lab
Alerting vs. Exploring
Continued... (Deep Panda Sample)
Adding Local Admin
Event Tracing for Windows
PowerShell
AD: Right to Control All Users
Monitoring Your Monitoring
One-offs, Gotchas, and Recommendations
Questions?
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube