Overview
Learn essential tools and techniques for maintaining forensically sound log extraction during digital forensics and incident response investigations in this 34-minute conference talk. Discover practical approaches to API-driven log collection when standard UI-based exports fail due to volume restrictions, technical limitations, or undocumented interfaces. Explore a detailed real-life case study involving extraction from an undocumented API of a proprietary client application, and examine cases where incomplete log data was discovered during collection and its potential impact on investigative outcomes. Get introduced to an open-source log-analysis tool designed to help DFIR professionals quickly identify potential issues in collected logs, including suspicious patterns such as unexpected time gaps, duplicate events, suspiciously rounded event counts, JSON formatting errors, and indicators of potential redactions. Understand how incorporating this tool into investigative workflows enables examiners to proactively recognize data-quality concerns and make more informed decisions in high-stakes investigations involving network appliances, SaaS applications, and cloud environments.
Syllabus
Ensuring Data Integrity in Incident Response
Taught by
SANS Digital Forensics and Incident Response