Eventlog query requests by builtin utilities

Intel Name: Eventlog query requests by builtin utilities

Date of Scan: December 10, 2024

Impact: Medium

Summary:
Detects attempts to query event log contents using command-line utilities. Attackers often use this technique to search logs for sensitive information, such as passwords, usernames, or IP addresses.
