This training course is now a part of the Pattern-Oriented Trace and Log Analysis Training Pack.
Slides for training agenda and exercises
Slides for patterns part from the training
Slides for malware narrative part from the training
Feel frustrated when opening a software trace with millions of messages from hundreds of software components, threads, and processes? Go beyond simple CPU and disk hog monitoring or searching for errors in a text and learn how to efficiently and effectively analyze software traces and logs from complex software environments. In addition to a theoretical part, practical illustrations, examples, and exercises include Microsoft Event Tracing for Windows (ETW), Procmon, OSQuery, Windows Performance Analyzer, and PerfView. This course teaches trace and log analysis using pioneering and innovative pattern-oriented analysis of abnormal software behavior incidents developed by Software Diagnostics Institute.
Prerequisites: Basic Windows troubleshooting.
Audience: Software technical support and escalation engineers, system administrators, security researchers, incident response professionals, software developers, platform engineers, DevSecOps and SRE, and quality assurance engineers.