Implementing Windows Advanced Logging Cheat Sheet with SureLog SIEM

 

There are many references on Windows advanced logging [1] [2]. Windows has some great built-in capabilities for detecting abuse, and SureLog implements those references; this is the fastest way to hunt on Windows endpoints. Everything is ready as reports and correlation rules in SureLog.

The default Windows settings provide only a subset of the desired logging events that assist in detecting and investigating malicious activity. SureLog predefined reports cover the event categories that will significantly enhance technical analysis.

Samples of SureLog Predefined Windows Reports:

   

SureLog covers all the reports in [2] and provides more than 100 predefined reports for Windows event log analysis. Security admins also get statistical reports derived from those predefined reports, bringing the number of available reports to more than 1000, such as:

Failed Login Users Top List

References:

[1] https://www.malwarearchaeology.com/cheat-sheets/

[2] https://www.acsc.gov.au/publications/protect/Windows_Event_Logging_Technical_Guidance.pdf