
IT System Security Lab Experiment 01

B. Tech CSF-CSE Semester III Course: IT Systems & Physical Security Code: CSSF 2109
By: Dr. Akashdeep Bhardwaj

Lab Objective: Learn System Logs

Tool:
- Windows OS
- Event Viewer

Steps to perform:

1. Start -> type "Event Viewer" OR from "Control Panel" -> Administrative Tools -> "Event Viewer" (or run eventvwr.msc).

2. Events are grouped into categories, each of which corresponds to a log that Windows keeps for
events of that category.

3. Types of Logs:
• Application: records events written by programs installed on the system.
• System: records events from Windows system components, such as drivers and built-in
interface elements.
• Security: records audit events, such as logon attempts and resource access, for the categories
enabled by the local or domain audit policy; only Administrators (or members of Event Log
Readers) can read this log.
• Setup: records events from Windows installation, upgrades and feature/update setup.
• Forwarded Events: records events written by other computers in the same network ("source
computers") that have forwarded their events to the "collector computer."
4. Event levels (Information, Warning, Error, Critical; Verbose is hidden by default)

5. Double-click an event to see its details. The Source (provider) together with the EVENT ID
identifies the event; that pair is what to search for online.

6. Check Vendor Portals (HP, Dell, Microsoft....), Search Engines (Google, Yahoo...) or the CVE Details
web portal (https://www.cvedetails.com/) for more information about the events. CVE Details helps
only when an event points at a specific vulnerable product or patch; most Event IDs describe
operational faults rather than vulnerabilities.
7. You can also Filter Events (Filter Current Log -> Event level: Critical) to gather only CRITICAL
Logs, then Save and Export the log (.evtx) to view on other systems OR in another Log Analyzer.
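The same steps scripted in PowerShell, as an added example that is not part of the original handout. It filters the System and Application logs for Critical and Error events, pulls failed logons from the Security log (which uses audit keywords instead of levels), summarises them per Source/Event ID so the list of 10 critical events for Activity 1 can be built from real data, and exports both CSV and .evtx. Assumptions: Windows PowerShell 5.1 or PowerShell 7 on Windows, an elevated prompt (the Security log is readable only by Administrators or Event Log Readers); the 7-day window, output folder and the Get-EventSummary helper are choices made for this example.

```powershell
# Added example, not part of the original handout: the Event Viewer steps above,
# scripted so the results are repeatable and exportable.
# Assumptions: Windows PowerShell 5.1 / PowerShell 7 on Windows, elevated prompt.
# The 7-day window and output folder are arbitrary choices for this example.

# Event Viewer levels: 1 = Critical, 2 = Error, 3 = Warning, 4 = Information, 5 = Verbose
$Levels = 1, 2
$Since  = (Get-Date).AddDays(-7)
$OutDir = "$env:USERPROFILE\Desktop"

# Step 7: filter System and Application for Critical/Error events. -FilterHashtable
# is evaluated by the Event Log service, far faster than Where-Object over every record.
$events = foreach ($log in 'System', 'Application') {
    try {
        Get-WinEvent -FilterHashtable @{ LogName = $log; Level = $Levels; StartTime = $Since } -ErrorAction Stop
    } catch {
        # Get-WinEvent errors when nothing matches or the log is unreadable; note it and move on.
        Write-Warning ("{0}: {1}" -f $log, $_.Exception.Message)
    }
}

# The Security log does not use levels: audit records carry the Audit Success /
# Audit Failure keywords. Failed logons (Event ID 4625) are the classic example.
$AuditFailure = 0x10000000000000
$failedLogons = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; Keywords = $AuditFailure; StartTime = $Since } -ErrorAction SilentlyContinue

# Activity 1: reduce many records to one row per Log/Source/Event ID, with a
# count and the first line of the most recent message. (Helper written for this example.)
function Get-EventSummary {
    param([Parameter(ValueFromPipeline)] $Event)
    begin { $all = @() }
    process { if ($Event) { $all += $Event } }
    end {
        $all |
            Group-Object -Property LogName, ProviderName, Id |
            ForEach-Object {
                $latest = $_.Group | Sort-Object TimeCreated -Descending | Select-Object -First 1
                [pscustomobject]@{
                    Log      = $latest.LogName
                    Source   = $latest.ProviderName
                    EventId  = $latest.Id
                    Level    = $latest.LevelDisplayName
                    Count    = $_.Count
                    LastSeen = $latest.TimeCreated
                    Message  = ($latest.Message -split "`r?`n")[0]
                }
            } |
            Sort-Object Count -Descending
    }
}

$summary = @($events) + @($failedLogons) | Get-EventSummary | Select-Object -First 10
$summary | Format-Table -AutoSize -Wrap

# Step 5: Source + Event ID is the pair to research. The raw XML exposes the
# EventData fields that the rendered message may not display.
if ($events) { ($events | Select-Object -First 1).ToXml() }

# Step 7: export. CSV for the lab report table; .evtx keeps the original records so
# Event Viewer or another analyzer can open them on a different machine.
$summary | Export-Csv -Path "$OutDir\lab01-critical-events.csv" -NoTypeInformation
wevtutil epl System "$OutDir\lab01-system-critical.evtx" /q:"*[System[(Level=1 or Level=2)]]"
```

Run it from an elevated PowerShell; without elevation the Security query returns nothing and only the System/Application rows appear. The summary rows map directly onto the Log Source / Event ID columns of the activity table.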

Lab #01 Activities File Work:

1. Perform this experiment and make a list of 10 critical events you come across in the Windows Logs.

2. Review the Critical Log Event IDs and learn about their mitigation steps, filling in the table below.

Windows Log Source | Event ID | General Info                                  | Mitigation Steps
-------------------|----------|-----------------------------------------------|-----------------------------------------------
                   |          | Write in your own words about the event by    | Write in your own words about the mitigation by
                   |          | searching vendor sites, search engines or     | searching vendor sites, search engines or
                   |          | CVE Details                                   | CVE Details

Note:
- Submit only a WORD DOCX. Do not copy experiments from others OR share your work with others.
- Those who copy from others or share their documents with others will be graded as ZERO.
- Never run tools/attacks against any commercial/hosted domain or IP address. Legal problems!