LogParser and PowerShell - LOGPOWER

I was going through my last post, where I shared Log Parser queries to analyze data using the Log Parser tool. The good news is, if you are familiar with PowerShell then life becomes even more exciting and easy, so all the queries I showed there you can use with PowerShell as below. Pre-requisites…


Logparser play of a forensicator

My guru, I won’t name him, but he knows who he is, told me one day that what we do is not exactly forensics; it’s actually Root Cause Analysis to find out how a security incident happened, so once we know that root cause we can do multiple things, from ensuring preventions to mitigations and performing recovery…