- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Windows Events Log | TryHackMe | SOC Analyst
TASK 5:
Get-WinEvent -LogName Application -FilterXPath '*/System/Provider[@Name="WLMS"] and */System/TimeCreated[@SystemTime="2020-12-15T01:09:08.940277500Z"]'
Get-WinEvent -LogName Security -FilterXPath '*/EventData/Data[@Name="TargetUserName"]="Sam" and */System/EventID=4720'
Get-WinEvent -LogName Security -FilterXPath '*/EventData/Data[@Name="TargetUserName"]="Sam" and */System/EventID=4724' | fl -property *
TASK 6:
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=400'
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=104'
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=104' | fl -property *
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=4104' | fl -property *
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=4799' | fl -property *
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=4799' -MaxEvents 2 | fl -property *
Видео Windows Events Log | TryHackMe | SOC Analyst канала denza
Get-WinEvent -LogName Application -FilterXPath '*/System/Provider[@Name="WLMS"] and */System/TimeCreated[@SystemTime="2020-12-15T01:09:08.940277500Z"]'
Get-WinEvent -LogName Security -FilterXPath '*/EventData/Data[@Name="TargetUserName"]="Sam" and */System/EventID=4720'
Get-WinEvent -LogName Security -FilterXPath '*/EventData/Data[@Name="TargetUserName"]="Sam" and */System/EventID=4724' | fl -property *
TASK 6:
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=400'
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=104'
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=104' | fl -property *
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=4104' | fl -property *
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=4799' | fl -property *
Get-WinEvent -Path .\merged.evtx -FilterXPath '*/System/EventID=4799' -MaxEvents 2 | fl -property *
Видео Windows Events Log | TryHackMe | SOC Analyst канала denza
Комментарии отсутствуют
Информация о видео
20 июня 2023 г. 14:59:10
00:20:17
Другие видео канала
DRILLDOWN Splunk BlueTeamLabsOnline
Introduction to SIEM TryHackMe
Network Analysis- Web Shell / Blue Team Labs Online / Wireshark
Investigating with Splunk SOC Level 1 - TryHackMe
How to install Nexus Scanner on Ubuntu 2023 and How to fix Download FAILED
Malicious PowerShell Analysis / Blue Team Online LABS
Change Splunk in Dark Mode
Small Office Network Simulation Network Lab(DHCP,HSRP,NAT,INTERNET) #Packet Tracer #CCNA
Log Analysis – Compromised WordPress Blue Team Online Labs
Incident handling with Splunk/BOTSv1/TryHackMe
KAPE TryHackMe SOC Analyst
Splunk Basics | TryHackMe
TheHive Project TryHackMe
TryHackMe MITRE Room Walk-through: All Tasks 1-9
Snort Challenge The Basics TryHackMe
Network Analysis – Malware Compromise Blue Team Labs Online
Snort TryHackMe
Disk Analysis and Autopsy | TryHackMe | Cyber Defense
Incident handling with Splunk TryHackMe
Autopsy TryHackme | SOC Level 1
