The analysis of Windows event logs can provide a great deal of historical information about a Windows computer’s operating system, hardware, security and applications. The Windows Event Logging Service centrally stores logging events. Evidence such as malware infections, brute force login attempts, and various login methods can be gathered through log analysis.

Next – Device Profiling