Event Log Analysis

You can find a lot of evidence in event logs. Learn how to use event logs during investigations.
Incident Responder
Hard
Event Log Analysis
This course will teach you the structure of Windows event logs and how you can detect persistence, manipulation, execution, etc. in a hands-on way. You'll do lots of practice during the course.
What are you waiting for?
Table of contents
  • Introduction to Event Logs
  • Event Log Analysis
  • Authentication Event Logs
  • Windows Scheduled Tasks Event Logs
  • Windows Services Event Logs
  • Account Management Events
  • Event Log Manipulation
  • Windows Firewall Event Logs
  • Windows Defender Event Logs
  • PowerShell Command Execution Event Logs
Practice with SOC Alert
  • 64 - SOC130 - Event Log Cleared
  • 101 - SOC153 - Suspicious Powershell Script Executed
Evaluate Yourself with Quiz
  • Detailed Event Log Quiz
ACHIEVEMENTS
"Event Log Hunter" Badge
EXPECTED OUTCOMES
  • Understand Event Log structure
  • Detect attacks with Event Logs
  • Important Event Logs for investigation
INTENDED AUDIENCE
  • Incident Responders
  • Incident Responder candidates