Searching Exchange Server logs that are 100met plus

General (Technical, Procedural, Software, Hardware etc.)

Last Post by cybertend 3 years ago

1 Posts

1 Users

0 Reactions

1,115 Views

RSS

cybertend

(@cybertend)

Eminent Member

Joined: 6 years ago

Posts: 22

Topic starter 07/03/2022 11:47 pm

I am working on a case where I am looking for a remote threat actor who came in from a foreign IP to a users email who had their password compromised.

The challenge is the logs are 100Meg plus and my commercial software will not index log files that are 100meg plus.

Outside of using grep, which is fine I suppose, any recommendations on an alternate way to read these?

Quote

8 Forums
15.7 K Topics
92.3 K Posts
333 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed