Event Log Management in Windows | TryHackMe Windows Event Logs

In this video walkthrough, we covered managing logs in Windows using Event Viewer, PowerShell and the Windows command line. We also examined a scenario in which we investigated a cyber incident.
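As an added example (not code from the video or the TryHackMe room), the commands below show the three ways of working with event logs the description mentions: enumerating logs with Get-WinEvent and wevtutil, filtering a live log and a saved .evtx file by event ID, and pulling named fields out of an event's EventData XML instead of scraping the Message text. The file path C:\Logs\merged.evtx is a hypothetical placeholder; event ID 104 (log cleared, provider Microsoft-Windows-Eventlog) is used because it is a common triage filter, not because it is a room answer.

```powershell
# Added example, not from the video. Assumes a saved log at C:\Logs\merged.evtx
# (hypothetical path) and read access to the live System log.

# 1. Enumerate logs. Note the two distinct PowerShell logs: the classic
#    "Windows PowerShell" log and "Microsoft-Windows-PowerShell/Operational".
Get-WinEvent -ListLog *PowerShell* | Select-Object LogName, RecordCount

# 2. Filter the live System log for ID 104 ("The ... log file was cleared").
#    Clearing the Security log is recorded as 1102 in Security instead.
#    -FilterHashtable runs the filter inside the event log service, which is far
#    faster than piping every record through Where-Object.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 104 } -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, ProviderName, Message

# 3. Same filter against a saved .evtx file: use the Path key instead of LogName.
#    Get-WinEvent returns newest first, so sort explicitly when you want the
#    earliest event rather than the most recent one.
$evtx = 'C:\Logs\merged.evtx'   # hypothetical path
Get-WinEvent -FilterHashtable @{ Path = $evtx; Id = 104 } -ErrorAction SilentlyContinue |
    Sort-Object TimeCreated |
    Select-Object -First 1 TimeCreated, Id, Message

# 4. Extract EventData fields by name. The Message text is rendered from a
#    template and its wording varies by locale; the XML field names do not.
function Get-EventDataFields {
    param([System.Diagnostics.Eventing.Reader.EventLogRecord]$Record)
    $xml    = [xml]$Record.ToXml()
    $fields = [ordered]@{ TimeCreated = $Record.TimeCreated; Id = $Record.Id }
    foreach ($d in $xml.Event.EventData.Data) {
        # Each <Data Name="..."> element becomes a property on the output object
        $fields[$d.Name] = $d.'#text'
    }
    [pscustomobject]$fields
}

Get-WinEvent -FilterHashtable @{ Path = $evtx; Id = 104 } -ErrorAction SilentlyContinue |
    ForEach-Object { Get-EventDataFields $_ } |
    Format-List

# 5. The same queries from the command line with wevtutil:
#    el = enumerate logs, qe = query events, /lf:true = the target is a file,
#    /q = XPath filter, /f:text = human-readable output, /c = max count,
#    /rd:true = newest first.
wevtutil el | findstr /i powershell
wevtutil qe $evtx /lf:true /q:"*[System[EventID=104]]" /f:text /c:5
wevtutil qe System /q:"*[System[EventID=104]]" /f:text /c:5 /rd:true
```

Because Get-WinEvent returns records newest first, "the first result" in its default output is the most recent event; sort by TimeCreated when the question is about the earliest one. In PowerShell strings the newline escape is the backtick sequence `n (and `r for carriage return); a single-quoted string does not expand escapes, so use double quotes if you want them interpreted.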
#windows
#powershellscripting

Comments

@1:02:15 The reason that the Group Security Id isn't the 551 one is because the question states that it is an "Administrator Group". The first group that we see is a "BackUp Operators" group.

HundredAcres

I'm literally commenting on all your videos just to help you get more reach, your work is amazing mate. Thanks again

Maccanarchy

You saved me yet again, Motasem. At 9:21 the video shows a directive that the website must have missed. In my version of the TryHackMe WEL room it does not as easily differentiate between the two logs (they sound the same... "PowerShell log" sounds like a quicker way of saying "PowerShell Operational log", but it's a different log entirely). Oddly, this is the one question that needs a hint but does not have one.

I would also like to comment on how your thorough video walkthroughs provide so much more information than the room ever could. I find myself listening to your side commentary more than the actual room's vocals!

Thank you David

kevinweeks

Thank you, you're doing well with all this information.

ahmedmoaz

Thank you habibi for the walkthrough!! You're a lifesaver!!
Btw, how did you set up your Kali desktop so nicely?

jamilshekinski

Thank you very much. This is very helpful

NaidsVibes

Thank you for doing this I’m learning so much !!

Martin-rniu

Thanks so much for this sir, you dey motivate me. God Bless

love-beef

Hey Morten, you mentioned you're using a deployed machine over RDP. How do you do that?

deonmarfo

Hi, at 49:15 why do you take the first result, 12/18/2020 7:50:33 AM? Isn't that the latest and not the first event?

jerald

I'm kind of confused why you chose 104 for the event ID, and how do you make a new line without adding `n or `r? I tried googling it but it always tells me to use `n or `r.

reconxf

What event files would be read when using the query-events command?

cesarbelmonte

Hi, in the Event Logs room, in task 3 the question "What event files would be read when using the query-events command?" has changed. Can you help with the new answer? Thanks 😊

pograva

How were you able to filter the events using Get-WinEvent from the merged.evtx file?

lsosa

46:45 I don't know what to say 😂😂😂 out of context

omaralmardi

I was able to follow this tutorial and I was able to get the PowerShell script for task 7, Group Security ID and event ID

Group Security ID

event ID


robertochieng