Chapter 8

Log Files

Abstract

Using open source tools to collect memory and analyze it as part of a forensic investigation.

Keywords

operating systems

forensics

operating environments

INFORMATION INCLUDED IN THIS CHAPTER:

• Windows event logs

• Unix Syslog

• Application logs

• Mac OS X logs

• Security logs

• Auditing

Introduction

System administrators rely on log files as part of their every day lives. Without log files, an administrator would be unable to determine what happened when something goes wrong. These are essential system files. However, they are not only essential for system administrators. They can also be very good sources of information for a forensics professional, no matter what platform the logs are on. Windows systems have a ...

Get Operating System Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Operating System Forensics by Ric Messier

Log Files

Abstract

Keywords

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly