Windows Event Log Forensics: What Each Event ID Actually Means
Windows event log forensics decoded — 4624, 4625, 4672, 4688, 4634, 7045, 1102 and how to read them in an investigation.
Posts tagged: Windows-Forensics
Posts tagged: Windows-Forensics
Windows event log forensics decoded — 4624, 4625, 4672, 4688, 4634, 7045, 1102 and how to read them in an investigation.