<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Monitoring on Notes by Nisha</title><link>https://notesbynisha.com/tags/monitoring/</link><description>Recent content in Monitoring on Notes by Nisha</description><generator>Hugo</generator><language>en</language><copyright>&amp;copy; 2026 Nisha</copyright><lastBuildDate>Sun, 24 Dec 2023 00:00:00 +0000</lastBuildDate><atom:link href="https://notesbynisha.com/tags/monitoring/index.xml" rel="self" type="application/rss+xml"/><item><title>Windows Event Logs (TryHackMe Walkthrough)</title><link>https://notesbynisha.com/posts/2023-12-24-windows-event-logs-thm/</link><pubDate>Sun, 24 Dec 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-12-24-windows-event-logs-thm/</guid><description>&lt;h3 id="introduction-to-windows-event-logs-and-the-tools-to-query-them" class="relative group">Introduction to Windows Event Logs and the tools to query them. &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#introduction-to-windows-event-logs-and-the-tools-to-query-them" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h3>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/windowseventlogs" target="_blank" rel="noopener noreferrer"> &lt;a href="https://tryhackme.com/r/room/windowseventlogs" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/windowseventlogs&lt;/a>&lt;/a>&lt;/p></description></item><item><title>Incident Handling With Splunk / Splunk 201 (TryHackMe Walkthrough)</title><link>https://notesbynisha.com/posts/2023-07-22-incident-handling-with-splunk-thm-walkthrough/</link><pubDate>Sat, 22 Jul 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-07-22-incident-handling-with-splunk-thm-walkthrough/</guid><description>&lt;h3 id="learn-to-use-splunk-for-incident-handling-through-interactive-scenarios" class="relative group">Learn to use Splunk for incident handling through interactive scenarios. &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#learn-to-use-splunk-for-incident-handling-through-interactive-scenarios" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h3>&lt;img src="https://notesbynisha.com/assets/images/thm_splunk_incident_handling.PNG">
Room:&lt;a href="https://tryhackme.com/r/room/splunk201"> https://tryhackme.com/r/room/splunk201&lt;/a>
&lt;h4>Learning Objectives and Pre-requisites&lt;/h4>
Before going through this room, it is expected that the participants will have a basic understanding of Splunk. If not, consider going through this room, Splunk 101 (https://tryhackme.com/jr/splunk101).
&lt;ul>
	&lt;li>Learn how to leverage OSINT sites during an investigation&lt;/li>
	&lt;li>How to map Attacker's activities to Cyber Kill Chain Phases&lt;/li>
	&lt;li>How to utilize effective Splunk searches to investigate logs&lt;/li>
 &lt;li>Understand the importance of host-centric and network-centric log sources&lt;/li>
&lt;/ul>
&lt;h5>Task 1 Introduction: Incident Handling &lt;/h5>
&lt;p>&lt;strong> Q: Read the above and continue to the next task. &lt;/strong> &lt;br>
&lt;em> Answer: No answer needed &lt;/em>&lt;/p></description></item><item><title>Splunk Basics / Splunk 101 (TryHackMe Walkthrough)</title><link>https://notesbynisha.com/posts/2023-07-15-splunk-basics-thm-walkthrough/</link><pubDate>Sat, 15 Jul 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-07-15-splunk-basics-thm-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/room/splunk101" target="_blank" rel="noopener noreferrer"> &lt;a href="https://tryhackme.com/room/splunk101" target="_blank" rel="noreferrer">https://tryhackme.com/room/splunk101&lt;/a>&lt;/a>&lt;/p>
&lt;div style="position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;">
 &lt;iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen" loading="eager" referrerpolicy="strict-origin-when-cross-origin" src="https://www.youtube.com/embed/zyaof9kP54I?autoplay=0&amp;amp;controls=1&amp;amp;end=0&amp;amp;loop=0&amp;amp;mute=0&amp;amp;start=0" style="position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;" title="YouTube video">&lt;/iframe>
 &lt;/div>

&lt;h4>Learning Objectives and Pre-requisites&lt;/h4>
If you are new to SIEM, please complete the Introduction to SIEM. This room covers the following learning objectives:
&lt;ul>
	&lt;li>Splunk overview&lt;/li>
	&lt;li>Splunk components and how they work&lt;/li>
	&lt;li>Different ways to ingest logs&lt;/li>
 &lt;li>Normalization of logs&lt;/li>
&lt;/ul>
&lt;h5>Task 1 Introduction &lt;/h5>
Splunk is one of the leading SIEM solutions in the market that provides the ability to collect, analyze and correlate the network and machine logs in real-time. In this room, we will explore the basics of Splunk and its functionalities and how it provides better visibility of network activities and help in speeding up the detection.&lt;br>
&lt;p>Continue with the next task.&lt;/p></description></item></channel></rss>