Operating System Forensics by Ric Messier

Chapter 8

Log Files

Abstract

Using open source tools to collect memory and analyze it as part of a forensic investigation.

Keywords

operating systems
forensics
operating environments

INFORMATION INCLUDED IN THIS CHAPTER:

Windows event logs
Unix Syslog
Application logs
Mac OS X logs
Security logs
Auditing

Introduction

System administrators rely on log files as part of their everyday lives. Without log files, an administrator would be unable to determine what happened when something goes wrong. These are essential system files. However, they are not only essential for system administrators. They can also be very good sources of information for a forensics professional, no matter what platform the logs are on. Windows systems have a ...
