
Specialized DFIR: Windows Event Log Forensics

Analyzing Windows event logs provides key information on system activities during an investigation. This course will teach you what events to focus on during your analysis and how to quickly obtain information.

by Tyler Hudak

What you'll learn

Windows event logs contain a great deal of information that helps investigators determine what happened on a system. However, some of this information is hidden within the multitude of event logs on a system. In this course, Specialized DFIR: Windows Event Log Forensics, you’ll learn how to focus your event log investigation to find signs of compromise and suspicious activities. First, you’ll explore how to quickly go through event logs and find key events to focus on. Next, you’ll discover which logs and events provide which pieces of information. Finally, you’ll learn how to combine all of this information into a comprehensive view of the malicious activities that took place on a compromised system. When you’re finished with this course, you’ll have the skills and knowledge needed to perform event log forensics on a Windows system.

About the author

Tyler Hudak

Tyler Hudak has more than 15 years of experience performing malware analysis, computer forensics, and incident response for multiple organizations. He loves sharing the knowledge he has gained on these topics in his presentations and classes!
