Hello everyone, now I’m free to type a few lines to save later, I review at Log file analyser Group Buy to find it quickly, maybe the information is still missing but I have worked with this information before.
In this series of articles, I will write a few articles about Log file analyser, see which one writes that, and will go slowly. This article has a reference (translation) with experience + other places about “Windows Event Log Analysis” which roughly translates as “Technology for analyzing Event Log on Windows”.
>> SEE MORE https://toolszap.info
What is a Log file analyser ?
Log file analyser this is the Vietnamese meaning of the term Log file analyser A term belonging to the Group of Technology. Information Technology Terms. Businesses or networks operate and mitigate various risks proactively.
The first introduction to the Event Log on Windows is where the activities on the computer are saved. Such as who logs on to the computer. What time is logged in, in addition, what process is running, where the connection is going, …are all saved. These are also frequently asked questions in the field of investigation and traceability (the specialized term is called forensic).
To turn it on, you can configure it in the operating system’s registry.
Structural format of event log?
The Windows Event Log is stored in the default directory at the path you can directly access the path or in addition, view through the Event Viewer, to enable the Event Viewer you have You can go running and type the keyword “event”.
By default, the amount of log stored in this event log is not much. About SIEM for monitoring. The SIEM series I will write later and will link to.
In addition, Each workspace will consist of many tables, each of which stores data from some source.
Application Insight’s log data also shares the same Log Analytics.
When making queries we can get from Log Analytics. Or Application Insight and use the cross workspace feature to analyze application data.