Log Files

October 29, 2016
Published By : Pratik Kataria

Attribution is a major goal, and log files can record which account was used to access a system at a given time.
User accounts allow two forms of access to computers: interactive login and access to shared resources.
Both forms of access can significantly expand the pool of suspects in an investigation.
If illegal materials are found on a computer, individuals with legitimate access to the computer are the obvious suspects.
However, there is the possibility that someone gained unauthorized access to the computer and stored illegal materials on the disk.
Similarly, if secret information is stolen from a computer system or a computer is used to commit a crime, it is possible that someone gained unauthorized access to the computer.

Modern Windows operating systems store log files in the “%systemroot%\system32\config\” folder (most commonly “c:\winnt\system32\config\”).
However, a new log format was introduced in Windows Vista along with different event identifiers.
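
To illustrate how logon records support attribution, here is an added example (not code from the original post): a Python script that reads a Security log export and lists which accounts had interactive or shared-resource access during a time window. The CSV column layout and the sample rows are constructed assumptions; the event IDs used are the successful-logon IDs 528/540 (Windows NT/2000/XP) and 4624 (Vista and later), with logon type 2 for interactive and 3 for network access.

```python
import csv
import io
from collections import defaultdict

# Successful-logon event IDs: 528/540 on Windows NT/2000/XP, 4624 on Vista and later.
LOGON_EVENT_IDS = {528, 540, 4624}
# Logon types recorded in the event: 2 = interactive, 3 = network (shared resources).
ACCESS_FORM = {2: "interactive", 3: "shared-resource"}

# Constructed sample export (not real data); the column layout is an assumption.
SAMPLE_EXPORT = """\
time,event_id,logon_type,account,source
2016-10-28T09:02:11,528,2,alice,WORKSTATION1
2016-10-28T13:40:05,540,3,bob,10.0.0.23
2016-10-28T13:41:17,529,2,alice,WORKSTATION1
2016-10-29T08:15:42,4624,3,carol,10.0.0.57
2016-10-29T08:20:00,4624,2,alice,WORKSTATION1
2016-10-29T08:25:30,4624,5,SYSTEM,-
"""

def accounts_with_access(export_text, start, end):
    """Return {account: [(time, form, source), ...]} for successful logons in [start, end]."""
    found = defaultdict(list)
    for row in csv.DictReader(io.StringIO(export_text)):
        if int(row["event_id"]) not in LOGON_EVENT_IDS:
            continue  # e.g. 529 is a failed logon, which grants no access
        form = ACCESS_FORM.get(int(row["logon_type"]))
        if form is None:
            continue  # service, batch and other non-user logon types
        if start <= row["time"] <= end:  # ISO 8601 strings sort chronologically
            found[row["account"]].append((row["time"], form, row["source"]))
    return dict(found)

def suspects_by_form(export_text, start, end):
    """Group accounts by the form of access they had in the window."""
    pool = defaultdict(set)
    for account, entries in accounts_with_access(export_text, start, end).items():
        for _, form, _ in entries:
            pool[form].add(account)
    return {form: sorted(names) for form, names in pool.items()}

if __name__ == "__main__":
    window = ("2016-10-28T00:00:00", "2016-10-29T23:59:59")
    for form, names in suspects_by_form(SAMPLE_EXPORT, *window).items():
        print(form, names)
```

Accepting both the older and the Vista-era event IDs lets one timeline cover hosts that use either log format.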
