Explore the hidden world of Windows Event Logs with our quick guide. Discover how to access and interpret these logs, gaining insights into your system's health and performance. Master the art of troubleshooting and monitoring in minutes.

Three machines in the Finance department at Pfeffer PLC were compromised. We suspect the initial source of the compromise happened through a phishing attempt and by an infected USB drive. The Incident Response team managed to pull the network traffic logs from the endpoints. Use Brim to investigate the network traffic for any indicators of an attack and determine who stands behind the attacks.

Discover network insights while utilizing Wireshark. Analyze ICMP, DNS, HTTP/S, ARP, DHCP, NetBIOS, and Kerberos traffic for performance optimization and security enhancement.

SOC Analyst Johnny has observed some anomalous behaviors in the logs of a few windows machines. It looks like the adversary has access to some of these machines and successfully created some backdoor. His manager has asked him to pull those logs from suspected hosts and ingest them into Splunk for quick investigation. Our task as SOC Analyst is to examine the logs and identify the anomalies.