Register For Webinar: So Many Logs, So Little Time: Efficient Windows Event Log Analysis

Windows Event Logs record evidence of many significant types of activity, including when a machine was booted or shut down, when users logged in and out and from where, device insertions, network connections and so much more. But knowing how to efficiently find this evidence is complicated by several factors. Investigators need to sort through a multitude of types of events recorded, inconsistent Event ID numbers across Windows versions and multiple file formats. The fact that there can easily be hundreds of thousands of records on even lightly used machines can make analyzing Event Logs a daunting task. All these factors can present a significant barrier for investigators to use Event Logs to their fullest potential.

Join Cellebrite’s Senior Digital Forensics Researcher, Dr. Vico Marziale, as he walks you through the tools you need to quickly and easily get to the important information that can add an abundance of context to your case.

During this webinar, Vico will cover:

  • History and background of Event Logs on Windows
  • Types of case-related activity Event Logs can speak directly to
  • How to find the important information in the sea of log entries
  • How to build activity timelines of important system events using just the Event Logs

Date:  16th September 2020
Time: 2:00 PM EST / 11:00 AM PST

Register here


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.

Unsubscribe any time. We respect your privacy - read our privacy policy.


Leave a Comment