Intel Name: Eventlog query requests by builtin utilities
Date of Scan: December 10, 2024
Impact: Medium
Summary: Detectives attempt to query event log contents using command-line utilities. Attackers often use this technique to search logs for sensitive information, such as passwords, usernames, or IP addresses.