How to delete Windows logs with PowerShell & cmd commands in a period of time [closed]

I am curious how I can delete Windows logs with PowerShell & cmd commands in a period of time.
"Period of time" means only deleting the specific logs related to the last two months.
Please show all possible ways in both PowerShell & cmd.


How to find data associated with the Windows Defender processStart reference in Windows 10

Recently Windows Defender warned me about a possibly malicious program it found on my PC. I have trouble interpreting the data Windows Defender shows me, and I haven't found any Microsoft documentation regarding the processStart value.

Defining user anomalies by analysing web server interaction counts [closed]

I'm researching log analysis using web server/HTTP logs, so I created a pipeline for this use case (anomaly detection). Let's say I have the number/counts of logged records/events for each username.

The problem is I'm not sure what is the be…

LogExtractor: Extracting Digital Evidence From Android Log Messages Via String & Taint Analysis

Hi, thanks for showing me. This is Christian Chao, a PhD from Iowa State University. Today, I'm going to present LogExtractor. This is joint work with Chen Shi, and my advisors are Professor Neil Zhenqiang Gong and Professor Yong Guan. …

Rsyslog & Auditd – Parsing audit.log / proctitle hexadecimal value to ascii [migrated]

I'm trying to edit my rsyslog.conf in order to put the hex parts of my auditd logs in the clear.
Does anyone know if it is possible to configure rsyslog to apply parsing to the received logs with a bash script? (Or any other technique?)
It…