Log Management

Logs

  • System Logs

    • Powshell activity

    • Dns activity

    • Sysmon logs

    • File integration monitoring logs

  • Application Log

    • Usage information

    • Client requests

    • Server responses

    • User authentication attempts

    • Configuration changes

  • WebServer Logs

  • Firewall logs

  • Windows firewall logs

  • Router logs

  • Switches logs

  • Proxy logs

  • Reverse logs

  • DNS Server logs

  • DNS Revers proxy logs

  • Load balancer logs

  • VPN Logs

Security Data/ security log

  • LSASS

    • Local security authority subsystem service

  • Active Directory Logs

  • Domain controller logs

  • Kerberos logs

  • IAM Logs

  • PAM Logs

  • IDS logs

  • IPS Logs

  • NGFW logs

  • Antivirus logs

  • Cloud service/provider logs

  • EndPoint logs

    • Mobile

    • Windows defender logs

PreviousThreat hunting scenariosNextAWS VPC flow log analysis

Last updated