Skip to Main Content
Operating System Forensics
book

Operating System Forensics

by Ric Messier
November 2015
Intermediate to advanced content levelIntermediate to advanced
386 pages
12h 50m
English
Syngress
Content preview from Operating System Forensics
Chapter 8

Log Files

Abstract

Using open source tools to collect memory and analyze it as part of a forensic investigation.

Keywords

operating systems
forensics
operating environments

INFORMATION INCLUDED IN THIS CHAPTER:

Windows event logs
Unix Syslog
Application logs
Mac OS X logs
Security logs
Auditing

Introduction

System administrators rely on log files as part of their every day lives. Without log files, an administrator would be unable to determine what happened when something goes wrong. These are essential system files. However, they are not only essential for system administrators. They can also be very good sources of information for a forensics professional, no matter what platform the logs are on. Windows systems have a ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Computer Forensics InfoSec Pro Guide

Computer Forensics InfoSec Pro Guide

David Cowen
Windows Forensics Cookbook

Windows Forensics Cookbook

Scar de Courcier, Oleg Skulkin
Malware Forensics Field Guide for Linux Systems

Malware Forensics Field Guide for Linux Systems

Eoghan Casey, Cameron H. Malin, James M. Aquilina

Publisher Resources

ISBN: 9780128019634