Collecting network logs
Not all machines on your network are likely to be Linux; therefore, to keep things balanced, we will use Windows as the example for this exercise.
To start Event Viewer, click on the Start button and type Event Viewer, as shown in the following screenshot:

The Event Viewer will open up as shown in the following screenshot:

Event Viewer stores consist of the following components:
- Custom Views
- Windows Logs
- Applications and Services Logs
The different view stores are as follows:
- Custom Views:
  - Administrative Events: This contains ...