Log Analysis Secrets Every SOC Beginner Should Know
Episode Synopsis
Learn how to pull, parse and pivot Windows Event Logs like a pro SOC analyst. Urvesh shows GUI, CLI and bootable-USB methods so you never miss evidence—even when Windows is broken. Perfect for blue-teamers, incident responders and anyone chasing their first cybersecurity role.

Takeaways
Identify suspicious Event IDs (4624, 4625, 4688) in seconds
Build a repeatable triage flow for ransomware, brute-force and insider threats
Map findings to MITRE ATT&CK for reports that impress hiring managers

Timestamps
00:00 – 02:50 Introduction
02:50 – 03:48 Learn SIEM tools (like Vasu, Splunk)
03:48 – 07:22 Begin with the basics
07:22 – 08:20 Windows Logs
08:20 – 01:23:05 Windows Logs
09:47 What is a log
10:35 Purpose
12:47 Log analysis
14:00 Event Viewer (first step)
16:04 Why Command Prompt
17:50 Three segments
18:16 Custom view
19:01 Log categorization
24:13 PowerShell
26:39 Top 10 interview questions
32:19 Common Event IDs
38:54 XML views
44:00 Warnings and errors
44:11 Fundamental IDs
49:21 Administrative events
50:59 Create a custom view
53:20 No SIEM tools
54:29 Traditional Event IDs
55:32 Sysmon (System Monitor)
59:19 Enable Sysmon
01:07:44 Sysmon IDs
01:15:05 Is programming knowledge required?
01:16:51 Books
01:23:05 Hypothesis
01:24:55 Interviewer's thoughts
01:32:01 VirusTotal
01:33:36 Scenario 2 (PowerShell command)
01:35:38 Future broadcast (how to map one practical with a minor attack)
01:36:31 schtasks

Links
SOC Playlist: https://www.youtube.com/watch?v=zCLlrFZU0M8&list=PL0hT6hgexlYxd24Jb8OE7vZoas-iTcHAc
CISO Talks: https://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1
NIST Series: https://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQB
GRC Series: https://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQB
ISO 27001 Video: https://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBz
ISO 27001 Implementation Guide: https://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBz
GRC Practical Series: https://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28
GRC Interview: https://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zyl
Internal Audit: https://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWv
Study with Me (Telegram Group): https://t.me/Infoseclearning
My Instagram: https://www.instagram.com/prabhnair/
My Spotify: https://open.spotify.com/show/16M7QBKdPDW7CCzBgrrZRE

#socanalyst #infosec #loginvestigation #SOC #LogAnalysis #WindowsEventLogs #Cybersecurity #IncidentResponse
More episodes of the Prabh Nair podcast
CISO Data Handling During Recovery
08/01/2026
Podcast 2 CISO Building KPI vs KRI
03/01/2026
Podcast 1 Two CISOs: Operator vs Strategist
03/01/2026