Audit logs are an invaluable resource for identifying activities that have occurred on a system. Logs are analyzed for a wide variety of reasons, from researching system performance issues to responding to a cyberattack. A variety of software applications are designed to ingest and analyze logs, but they can often be expensive.
PowerShell provides an alternative for viewing and analyzing Windows logs. PowerShell contains built-in commands to view and search logs on local systems. In addition, its data analysis capabilities make it possible to import and analyze Windows log files (e.g., evtx files). Since PowerShell is installed on all Microsoft systems, it is a free platform for building log analysis scripts for specific use cases.
This one-day hands-on workshop will cover the PowerShell commands needed to import Windows log data from a local system and from log files. The course will also provide examples of use cases for analyzing Windows log files. This course builds on the concepts presented in the PowerShell Workshop: Basics.
This workshop is an excellent opportunity for those who are new to using PowerShell to work with Windows log files. It is also a great opportunity for those familiar with PowerShell’s Windows log commands to refresh and practice their skills.
Registration closes on October 31, 2024 at 8 pm.