Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Johannes Ullrich

Threat Level: green

Date	Author	Title
2023-08-31	Guy Bruneau	Potential Weaponizing of Honeypot Logs [Guest Diary]
2021-09-11	Guy Bruneau	Shipping to Elasticsearch Microsoft DNS Logs
2021-03-12	Guy Bruneau	Microsoft DHCP Logs Shipped to ELK
2019-09-17	Rob VandenBrink	Investigating Gaps in your Windows Event Logs
2016-08-29	Russ McRee	Recommended Reading: Intrusion Detection Using Indicators of Compromise Based on Best Practices and Windows Event Logs
2014-08-15	Tom Webb	AppLocker Event Logs with OSSEC 2.8
2014-01-04	Tom Webb	Monitoring Windows Networks Using Syslog (Part One)
2010-03-10	Rob VandenBrink	What's My Firewall Telling Me? (Part 4)
2010-02-23	Mark Hofman	What is your firewall telling you and what is TCP249?