Log File Analysis

This course teaches students how to analyse logs effectively using tools that are already available to them. Students will be taught how to analyse logs using Python, PowerShell and Bash. Using real-world examples, they will see how suspicious activity can be inferred from the logs by looking at various parameters.

Students will be introduced to analysis of Apache, Cisco, IIS and Windows event logs.

A non-exhaustive list of topics covered:

  • Analysing Cisco and Apache logs using Linux Commands
    • Using cat and grep to get important information
    • How to use awk to analyse logs
    • Using sed, sort and uniq to extract important metrics
  • Using Python for Log Analysis
    • Basics of Python
    • Reading logs using Python
    • Parsing read logs
  • Utilising PowerShell for Windows Log Analysis
    • Basics of PowerShell
    • Dumping Event Logs with PowerShell
    • Log Analysis with PowerShell
  • Intrusion Analysis using PowerShell
    • Looking for suspicious data in logs
    • Searching for important keywords in event logs

Joe McCray

Joe McCray, the CEO of Strategic Security, is an Air Force veteran and has been involved with cybersecurity for over 10 years. Joe has been involved in over 150 very high-level pentesting assessments and utilizes his “real world hacking accomplishments” to ensure his clients and students obtain effective knowledge transfer.

His extensive experience and deep knowledge, mixed with his comedic style, have led Joe to be one of the most highly sought-after speaking experts in the industry. Joe often makes speaking appearances and gives seminars at major events in the security community such as Black Hat, DEFCON, BruCon, Hacker Halted, Hacktivity and more.

Strategic Security, Inc. is an IT security consulting firm that provides in-depth technical security assessments of your network and web application, as well as regulatory compliance gap analysis.