O'Reilly logo

Cybersecurity - Attack and Defense Strategies by Erdal Ozkaya, Yuri Diogenes

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Windows logs

In a Windows operating system, the most relevant security-related logs are accessible via Event Viewer. In Chapter 13, Investigating an Incident, we spoke about the most common events that should be reviewed during an investigation. While the events can be easily located in Event Viewer, you can also obtain the individual files at Windows\System32\winevt\Logs, as shown in the following screenshot:

However, log analysis in an operating system is not necessarily limited to the logging information provided by the OS, especially in Windows. There are other sources of information that you could use, including prefetch files (Windows ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required