Introduction to Ingesting Windows Event Logs in Real-Time

preview_player
Показать описание
In this video series, Maxime Lamothe-Brassard talks about LimaCharlie’s powerful ability to capture and analyze Windows Event Logs (WEL) in real-time. Ingested WEL are indexed along common indicators of compromise (IoC’s) and run through the LimaCharlie Detection & Response (DR) engine. DR rules can be run against artifacts as they are ingested or even across historical data.
---
LimaCharlie also provides an XDR capability along with all of the tools and infrastructure needed for an MSSP or SOC. It is a highly scalable cloud-based solution that delivers everything on-demand using a SaaS model. All features can be accessed through the web application or programmatically via the API. Use a turnkey solution or develop your own. LimaCharlie can integrate with existing security pipelines and replace expensive vendors. Let us show you how.

----------------------------------
General Links
----------------------------------

----------------------------------
Course Playlists
----------------------------------

----------------------------------
Social Media
----------------------------------

  1. LimaCharlie
  2. Network monitoring
  3. zeek
  4. bro
  5. network security
  6. LimaCharlie
Рекомендации по теме
Introduction to Ingesting 0:03:20

Introduction to Ingesting Windows Event Logs in Real-Time

Ingesting Windows Event 0:03:58

Ingesting Windows Event Logs

Section 1 - 0:06:17

Section 1 - Introduction & Installation - Lecture 5: Ingesting Events Windows

Ingesting Artifacts (Windows 0:37:02

Ingesting Artifacts (Windows Event Logs, PCAPS, Log files, etc)

Collecting & analysing 0:09:49

Collecting & analysing Windows event logs with Winlogbeat & ELK

Windows Event Forwarding 0:33:02

Windows Event Forwarding at Scale

Ingesting Windows Security 0:03:27

Ingesting Windows Security Event Logs1

Windows Event Logs 0:53:31

Windows Event Logs

Analyzing Windows Event 0:04:18

Analyzing Windows Event Logs

Drinking Windows - 0:00:36

Drinking Windows - Introduction to a new series

Diving into Windows 0:42:50

Diving into Windows Logon Process

211 Introducing DeepBlueCLI 0:49:17

211 Introducing DeepBlueCLI a PowerShell module for hunt teaming via Windows event logs Eric Conrad

Windows Event Collector 0:14:46

Windows Event Collector clustering with Syslog-ng

Windows 10/11:- Working 0:06:25

Windows 10/11:- Working with Event Viewer

Capturing Windows Event 0:08:40

Capturing Windows Event Logs With LimaCharlie

Monitoring Windows Event 0:03:17

Monitoring Windows Event Forwarding | WEC Clients | Security Spotlight

How to tweak 0:03:59

How to tweak Windows logs to better investigate attacks

Rocking your Windows 0:22:23

Rocking your Windows EventID with ELK Stack - SANS DFIR Summit 2016

Splunk Windows Logs 0:19:37

Splunk Windows Logs | Splunk on Windows 10 | Event Viewer Logs, CPU & Memory

Using Windows Event 0:41:37

Using Windows Event Collector for Fun and Profit - Global Cribl UG - 2023-02-14

Cribl Handling XML 0:12:36

Cribl Handling XML Windows Event Logs

211 Introducing DeepBlueCLI 0:49:17

211 Introducing DeepBlueCLI a PowerShell module for hunt teaming via Windows event logs Eric Conrad

Artifact Collection (Windows 0:07:32

Artifact Collection (Windows Event Logs) With LimaCharlie

Getting Started with 0:03:31

Getting Started with Exabeam: How to install Windows Event Log Collector