Windows Event Log Investigation

Reconstructing activity and spotting suspicious patterns using logs.

This project is about using Windows event logs to build a timeline. The goal is to take noisy log data and turn it into something understandable: what happened, when it happened, and what stands out.

What I practiced

  • Finding relevant logs without getting lost in noise
  • Building a timeline of events
  • Documenting observations in a clean, readable format

Tools

  • Event Viewer / Windows logs
  • Basic filtering and correlation

Write-up (how I’ll expand this)

I’ll add screenshots, filters used, and example timeline notes once I publish the lab artifacts.