I have Splunk set up with the universal forwarder installed on all of my Windows machines sending the event logs to Splunk. Collecting all of the event logs with Splunk is working great. Now I was ...
I'm writing a Windows app in unmanaged C++ and want to log some simple events to the Application log. I'm normally a *nix guy and am used to being able to just call syslog() (or asl(3) on Mac OS X). I ...
Log and event management is now a requirement for organizations that need to monitor security and IT policy enforcement, document compliance, and achieve IT operations excellence without increasing ...
I have heard from both commercial and government customers, “You cannot manage what you cannot see,” and this rings true. Visibility is the core requirement of situational awareness. Do you need a ...
The default event logging in Windows 10 won't give you enough information to properly conduct intrusion forensics. These settings and tools will help you collect the needed log data. After a ...
LogRhythm will feel more comfortable to users with some database experience, but there's no debating the product's powerful capabilities. Being an unashamed geek, I was pleased to have the option to ...
In Event Viewer, the errors logged are common, and you will come across different errors with different Event IDs. The events that are recorded in the security logs usually will be either of the ...
Previously we wrote about CERT and the “13 best practices for preventing and detecting insider threats.” Now we’ll dig deeper into best practice No. 5: “Log, monitor, and audit employee online actions ...
Security researchers have found a way to reverse the effects of an NSA hacking utility that deletes event logs from compromised machines. Last week, Fox-IT published a Python script that recovers ...
A Blue Screen of Death (BSOD) that fails to create a memory dump file and leaves no trace in the Event Viewer is a frustrating scenario when trying to troubleshoot the issue. This absence of evidence ...