Explain areas of OS which are beneficial for Incident Response investigation.

Subject: Digital Forensics

Topic: Preserving and Recovering Digital Evidence

Difficulty: Medium

1 Answer

In a Windows system, log files are the best source to collect information about an incident. The most important upgrade logs are setupact.log and setuperr.log, which you find in different locations depending on the upgrade stage. The two important log files setupact.log and setuperr.log use the following format:

• Date and time.

• Log Level (Info, Warning, Error, Fatal Error)

• Logging Component (CONX, MOUPG, PANTHR, SP, IBSLIB, MIG, DISM, CSI, CBS)

• Message

Windows Log file locations are as follows (open Event Viewer) –

• Application

• Security

• Setup

• System

• Forwarded events

• Application and service logs

All log file locations contain different log files as
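The four-field format listed in the answer (date and time, log level, logging component, message) can be parsed into a timeline of warnings and errors. The following is an added example, not part of the original answer; the exact column layout, the optional bracketed hex code after the level, and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Assumed layout: "YYYY-MM-DD HH:MM:SS, Level [0xCODE] COMPONENT Message".
# The bracketed code is optional; "Fatal Error" is a two-word level.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\s+"
    r"(?P<level>Fatal Error|Info|Warning|Error)\s+"
    r"(?:\[(?P<code>0x[0-9A-Fa-f]+)\]\s+)?"
    r"(?P<component>[A-Z0-9]+)\s+"
    r"(?P<message>.*)$"
)

# Constructed sample in the style of setupact.log / setuperr.log (not real data).
SAMPLE = """\
2024-03-05 09:14:02, Info                  MOUPG  SetupHost: starting upgrade session
2024-03-05 09:14:07, Warning               MIG    Skipping unreadable profile entry
2024-03-05 09:15:31, Error      [0x0808fe] MIG    Failure while gathering object
    continued detail for the previous entry
2024-03-05 09:15:40, Fatal Error           SP     Operation failed, rolling back
2024-03-05 09:15:41, Info                  CBS    Session closed
"""

def parse_setup_log(text):
    """Return one dict per log entry; unmatched lines extend the previous message."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if m:
            entry = m.groupdict()
            entry["ts"] = datetime.strptime(entry["ts"], "%Y-%m-%d %H:%M:%S")
            entries.append(entry)
        elif entries and raw.strip():
            # Multi-line message: keep the detail with the entry it belongs to.
            entries[-1]["message"] += "\n" + raw.strip()
    return entries

def triage(entries, levels=("Warning", "Error", "Fatal Error")):
    """Return (time-ordered entries at the given levels, count per component)."""
    hits = [e for e in entries if e["level"] in levels]
    hits.sort(key=lambda e: e["ts"])
    return hits, Counter(e["component"] for e in hits)

if __name__ == "__main__":
    hits, per_component = triage(parse_setup_log(SAMPLE))
    for e in hits:
        print(e["ts"].isoformat(), e["level"], e["component"], e["message"])
    print(dict(per_component))
```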
