Data Sources Deep Dive
Understanding Data Sources
In-depth information about various data sources for SIEM use cases. This section will provide detailed insights into configuring, collecting, and utilizing various log sources effectively for threat detection and compliance.
Content for this page is under development.
Windows Event Logs
Detailed explanation of critical Windows Event IDs, parsing strategies, and common use cases.
Firewall Logs
Understanding firewall log formats, key fields for security monitoring, and detection opportunities.
CloudTrail Logs (AWS)
Leveraging AWS CloudTrail for API activity monitoring, threat detection, and compliance in the cloud.
EDR Logs
Harnessing Endpoint Detection and Response logs for advanced threat hunting and incident response.