<!doctype html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<title>Important logs</title>
<meta name="generator" content="CherryTree">
<link rel="stylesheet" href="res/styles3.css" type="text/css" />
</head>
<body>
<div class='page'><h1 class='title'>Important logs</h1><br/><h1>Important logs (doesn’t cover everything)<br /></h1><h2>• Security - account and authentication-related logs, and more<br />• PowerShell &amp; Microsoft-Windows-PowerShell/Operational - PowerShell-related logs<br />• Microsoft-Windows-Windows Defender/Operational - Defender logs<br />• Microsoft-Windows-Windows Firewall With Advanced Security/Firewall - firewall activity<br />• IIS logs<br /></h2><br />More info about collecting logs: <br /><a href="https://github.com/nsacyber/Event-Forwarding-Guidance/tree/master/Events">https://github.com/nsacyber/Event-Forwarding-Guidance/tree/master/Events</a> <br /><a href="https://www.malwarearchaeology.com/cheat-sheets">https://www.malwarearchaeology.com/cheat-sheets</a> </div>
</body>
</html>