Windows Event Forwarding - Centralized logging for everyone! (Even if you already have centralized logging!)

Description

Logging: collect events, alert when something is wrong. Simple, right? Unfortunately, it isn't. Collecting the right data and alerting appropriately is a major challenge for most IT organizations today. Many aren't logging at all, and those that are get flooded by events, some of which don't matter, while missing the important data. How to monitor is often the easy question; what to monitor is far more difficult. Microsoft Cybersecurity Engineer Jessica Payne will walk you through how to use native tools like Windows Event Forwarding (free!) to build a scalable, flexible monitoring infrastructure that can detect not only compromise but operational issues as well.

Day: 2
Level: 300
Session Type: Breakout
Code: INF327
Room: Central C
