Webcast: Windows logging, Sysmon, and ELK

Click on the timecodes to jump to that part of the video (on YouTube). Download slides: https://www.activecountermeasures.com/presentations

4:36 Problem Statement and Executive Problem Statement
9:00 Short Sysmon review, introduction to ELK, what programs make up ELK, data types and their effect on Elasticsearch, answering viewer questions
20:51 Touching on different types of logs, how Logstash deals […]