Question: the objective of this exercise is learning how to parse...
The objective of this exercise is learning how to parse and analyze the logs on a Windows Operating System during an incident response investigation.
5. You are a security consultant about to go on site to present to a CIRT team for a new company. They have requested that you provide step-by-step instructions on how to install Splunk on a Windows system and parse security event logs within Splunk. You may have to use another tool to export the logs to a CSV file format. Log explore is good for this. Please provide a screenshot of the logs from your system being parsed. Working together on this question is okay, but each person must provide a screenshot of the tool working with their logs. PLEASE REMEMBER TO PARSE SECURITY EVENT LOGS WITHIN SPLUNK!!!!