Event Logs

GitHub - SwiftOnSecurity/sysmon-config: Sysmon configuration file template with default high-quality event tracing

Jessica Payne on Twitter

Windows Security Log Encyclopedia

wevtutil

Tech Tuesday Workshop Cobalt Strike Detection via Log Analysis | SANS Institute

Windows 10 and Windows Server 2016 security auditing and monitoring reference

GitHub - olafhartong/sysmon-modular: A repository of sysmon configuration modules

Tuned and curated Winlogbeats config file

GitHub - Yamato-Security/EnableWindowsLogSettings: Documentation and scripts to properly enable Windows event logs.