Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Chapter 11

Text-Based Logs

In the previous chapter, we covered tool analysis. In this chapter and the four that follow, we’ll cover a variety of Windows logs. Logs are extremely important in network investigations, providing information about external connections, a variety of system events, and dates and times. We’ll begin with the text-based logs, specifically the Windows IIS, FTP, DHCP, and Windows 7 Firewall logs.

Text logs are easy to read because they are in plain text. In a pinch, you can open, read, and search them with a text editor such as Notepad. However, the sheer volume of data in text logs still necessitates the use of specialized tools to search, sort, and otherwise parse through the reams of ...
