# Log Management

Logs

 

* System Logs
* * Powshell activity
  * Dns activity
  * Sysmon logs
  * File integration monitoring logs

 

 

 

 

* Application Log
* * Usage information
  * Client requests
  * Server responses
  * User authentication attempts
  * Configuration changes
* WebServer Logs
* Firewall logs
* Windows firewall logs
* Router logs
* Switches logs
* Proxy logs
* Reverse logs
* DNS Server logs
* DNS Revers proxy logs
* Load balancer logs
* VPN Logs

 

 

Security Data/ security log

 

* LSASS
* * Local security authority subsystem service
* Active Directory Logs
* Domain controller logs
* Kerberos logs
* IAM Logs
* PAM Logs
* IDS logs
* IPS Logs
* NGFW logs
* Antivirus logs
* Cloud service/provider logs
* EndPoint logs
* * Mobile
  * Windows defender logs