Event Log Management in Windows | TryHackMe Windows Event Logs
Author: Motasem Hamdan
Uploaded: 2021-05-29
Views: 28718
In this video walkthrough, we covered managing logs in Windows using Event Viewer, PowerShell and the Windows command line. We also examined a scenario to investigate a cyber incident.
Answers: https://motasem-notes.net/event-log-m...
TryHackMe Windows Event Logs: https://tryhackme.com/room/windowseve...
0:00 - Introduction to Windows Event Logs
0:14 - Accessing the TryHackMe Windows Event Logs Room
0:29 - Overview of Event Viewer and Sysinternals Tools
0:52 - Exploring the Event Viewer Interface
2:17 - Accessing Windows PowerShell Operational Logs
4:13 - Event ID 40961 and Filtering Event Logs
5:11 - Filtering Event IDs in PowerShell Logs
7:24 - Exploring XML View and Extracting Information
9:03 - Task Category in Event Viewer
9:42 - Using Command Line for Log Analysis
10:52 - Introducing the Windows Event Command Line Utility
12:13 - Enumerating Log Names and Using Commands
14:01 - Querying Events and Filtering Logs by Event ID
17:16 - Explanation of Command Options and Query Filters
18:05 - Analyzing Application Logs via Command Line
21:10 - Introduction to PowerShell and Get-WinEvent Command
22:22 - Retrieving Logs Related to OpenSSH
23:40 - Searching for Event Providers with PowerShell
25:00 - Counting Event IDs and Filtering with Get-WinEvent
27:00 - Using XPath Queries for Event Filtering
29:17 - Using Max Events and Querying Event Logs
31:05 - Conclusion on Querying and Filtering Events in PowerShell