logparser

Merge multiple files into one new file in Windows

A quick one: if you need to merge, or concatenate, multiple text files into one new file in Windows, you can use the copy command in cmd.exe, and here is how:
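As an added example (this is not the post's own text or script), here is the copy-based concatenation together with the two things that bite in practice: the default text mode's Ctrl-Z handling and a destination file that matches its own source wildcard. The file names are hypothetical; the first two commands assume files of those names exist in the current directory.

```batch
@echo off
setlocal enabledelayedexpansion
REM Added example, not code from the original post. It concatenates text
REM files with cmd.exe's copy command. All file names are hypothetical.

REM /b (binary) copies the bytes as they are. In the default text mode
REM copy stops reading each source at the first Ctrl-Z (0x1A) byte and
REM appends a Ctrl-Z to the destination, so a log containing that byte
REM would be truncated. /y overwrites an existing destination silently.
REM Name the sources in the order you want them concatenated.
copy /b /y u_ex240101.log + u_ex240102.log + u_ex240103.log merged.txt

REM A wildcard also concatenates, but in directory order, which is not
REM guaranteed to be chronological. The destination must not match the
REM pattern: "copy /b *.log merged.log" would read merged.log as one of
REM its own sources, so give the result a different extension.
copy /b /y *.log merged.txt

REM For a defined order, build the source list from a name-sorted listing
REM (u_exYYMMDD.log names sort chronologically). Names are quoted so that
REM paths with spaces survive; a ! in a file name would break delayed expansion.
set "SOURCES="
for /f "delims=" %%F in ('dir /b /on *.log') do (
    if defined SOURCES (
        set "SOURCES=!SOURCES! + "%%F""
    ) else (
        set "SOURCES="%%F""
    )
)
copy /b /y %SOURCES% merged.txt
```

Run it from the directory that holds the logs. For forensic work the third form is the one to use: an explicit, sorted source list gives a reproducible result, while the wildcard form depends on directory order.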


Intrusion Detection with Windows Event IDs

This paper is the best I have ever read on how to build IOCs with Windows Event IDs. I highly recommend that you read it; it contains very useful information and some very interesting behavioral examples of attacker activity. If you are looking to enhance your detection in your core network, this is the document!

Grep for forensic log parsing and analysis on Windows Server IIS

How to use GnuWin32 ported tools like grep.exe and find.exe for forensic log file analysis in Windows Server.

"Forensic Log Parsing with Microsoft's LogParser"

Log Parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files.
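The two posts above cover the same job with two tools: grep.exe for fast pattern triage and Log Parser for typed, SQL-style aggregation. This added example (not code from either post) writes a small constructed IIS W3C log and runs both against it. It assumes GnuWin32 grep.exe and Microsoft Log Parser 2.2 (LogParser.exe) are on PATH; the log lines, IP addresses and file name sample.log are invented for the example.

```batch
@echo off
setlocal
REM Added example, not code from the original posts. A constructed IIS
REM W3C log (sample.log) is triaged with GnuWin32 grep.exe and then
REM queried with Microsoft Log Parser 2.2. Both tools are assumed on PATH.

REM Constructed sample log. The cs(User-Agent) field is left out because
REM parentheses inside an echo block would need escaping. %% is a literal %.
> sample.log (
    echo #Software: Microsoft Internet Information Services 10.0
    echo #Version: 1.0
    echo #Date: 2024-01-02 10:00:00
    echo #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip sc-status sc-substatus sc-win32-status time-taken
    echo 2024-01-02 10:00:01 10.0.0.5 GET /index.html - 443 - 203.0.113.7 200 0 0 15
    echo 2024-01-02 10:00:07 10.0.0.5 GET /admin/login.aspx - 443 - 198.51.100.23 401 0 0 3
    echo 2024-01-02 10:00:08 10.0.0.5 POST /admin/login.aspx - 443 - 198.51.100.23 401 0 0 4
    echo 2024-01-02 10:00:09 10.0.0.5 POST /admin/login.aspx - 443 - 198.51.100.23 401 0 0 4
    echo 2024-01-02 10:00:12 10.0.0.5 GET /scripts/..%%255c../winnt/system32/cmd.exe /c+dir 443 - 198.51.100.23 404 0 2 1
    echo 2024-01-02 10:00:15 10.0.0.5 GET /products.aspx id=1'+OR+1=1-- 443 - 198.51.100.23 500 0 0 20
    echo 2024-01-02 10:01:00 10.0.0.5 GET /about.html - 443 - 203.0.113.7 200 0 0 9
)

echo === grep: requests matching common attack signatures ===
REM -i ignore case, -E extended regex, -n show the line number. The pattern
REM covers directory traversal (plain and URL-encoded), the classic cmd.exe
REM probe and crude SQL injection markers. Tune it to your application.
grep -iEn "\.\./|%%2e%%2e|%%255c|cmd\.exe|xp_cmdshell|'|union.*select" sample.log

echo === grep: number of 401s on the login page, a brute-force indicator ===
grep -Ec "/admin/login\.aspx .* 401 " sample.log

echo === Log Parser: clients with three or more failed logins ===
REM -i:IISW3C reads the #Fields header so columns are addressed by name and
REM typed (sc-status is an INTEGER). -o:NAT -rtp:-1 prints without paging.
REM This per-client aggregation is what grep alone cannot do in one step.
LogParser -i:IISW3C -o:NAT -rtp:-1 "SELECT c-ip, COUNT(*) AS Attempts FROM sample.log WHERE cs-uri-stem = '/admin/login.aspx' AND sc-status = 401 GROUP BY c-ip HAVING COUNT(*) >= 3 ORDER BY Attempts DESC"

echo === Log Parser: every error response in time order, for the timeline ===
LogParser -i:IISW3C -o:NAT -rtp:-1 "SELECT date, time, c-ip, cs-method, cs-uri-stem, cs-uri-query, sc-status, sc-substatus FROM sample.log WHERE sc-status >= 400 ORDER BY date, time"
```

Point the same commands at the real u_ex*.log files (Log Parser accepts a wildcard in FROM) and swap -o:NAT for -o:CSV to write the results into a case file. Work on a copy of the logs, never on the live IIS log directory, so the originals keep their timestamps and hashes.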