Collecting network logs
Not all machines on your network are likely to run Linux; to keep things balanced, we will use Windows as the example for this exercise.
To start Event Viewer, click the Start button and type Event Viewer, as shown in the following screenshot:
The Event Viewer will open up as shown in the following screenshot:
Event Viewer consists of the following components:
- Custom Views
- Windows Logs
- Applications and Services Logs
The different views and stores are as follows:
- Custom Views:
  - Administrative Events: This contains the Critical, Error, and Warning events from all administrative logs, as shown in the following screenshot:
  - Location Activity: As the name suggests, this contains the location activity, as shown in the following screenshot:
- Windows Logs: These logs store events from legacy applications and events that apply to the entire system:
  - Application: The Application log stores events logged by the applications or programs. For example, a database progmemory...
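
The same Critical, Error, and Warning selection that the Administrative Events view shows can be pulled from the command line so that it can be collected from many hosts. The following PowerShell script is an added example, not part of the original text; the choice of the Application and System logs, the 24-hour window, and the output path are assumptions made for illustration.

```powershell
# Added example: approximate the "Administrative Events" custom view with Get-WinEvent.
# Assumptions (not from the original text): log names, time window, output path.
$LogNames = 'Application', 'System'
$Since    = (Get-Date).AddHours(-24)
$OutFile  = Join-Path $env:TEMP ("admin-events-{0}.csv" -f $env:COMPUTERNAME)

# Event levels: 1 = Critical, 2 = Error, 3 = Warning
$filter = @{
    LogName   = $LogNames
    Level     = 1, 2, 3
    StartTime = $Since
}

# Get-WinEvent reports a non-terminating error when nothing matches the filter;
# suppress it and treat the result as an empty set.
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

# Normalise to UTC and keep only the first line of each message so that rows
# from different hosts can be merged and sorted on one timeline.
$props = @(
    @{ n = 'TimeUtc'; e = { $_.TimeCreated.ToUniversalTime().ToString('o') } },
    'MachineName', 'LogName', 'ProviderName', 'Id', 'LevelDisplayName',
    @{ n = 'Message'; e = { ("$($_.Message)" -split "`r?`n")[0] } }
)
$rows = @($events | Sort-Object TimeCreated | Select-Object -Property $props)

$rows | Export-Csv -Path $OutFile -NoTypeInformation -Encoding UTF8

# Quick triage summary: which log and severity produced the most events.
$events |
    Group-Object LogName, LevelDisplayName |
    Sort-Object Count -Descending |
    Select-Object Count, Name |
    Format-Table -AutoSize

Write-Host "Wrote $($rows.Count) events to $OutFile"
```

Reading the Security log with the same filter requires an elevated session, which is why it is left out of `$LogNames` here.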