Application logs decoding in windows
TUKARAM GAONKAR
{"win":{"system":{"providerName":"Symantec AntiVirus","eventID":"45","level":"4","task":"0","keywords":"0x80000000000000","systemTime":"2021-06-16T14:42:24.000000000Z","eventRecordID":"510191","channel":"Application","computer”:”Xxx”,”severityValue":"INFORMATION","message":"\" \r\n\r\nScan type: Tamper Protection Scan\r\nEvent: Tamper Protection Detection\r\nSecurity risk detected: C:\\PROGRAM FILES\\TREND MICRO\\yyy\\CORESERVICESHELL.EXE\r\nFile: E:\\Program Files (x86)\\Sss\\Symantec Endpoint Protection Manager\\bin\\USNWash.exe\r\nLocation: R:\\Program Files (x86)\\Symantec\\Symantec Endpoint Protection Manager\\bin\r\nComputer: abcd\r\nUser: SYSTEM\r\nAction taken: Leave Alone\r\nDate found: Wednesday, June 16, 2021 8:12:24 PM\""},"eventdata":{"data":" Scan type: Tamper Protection Scan Event: Tamper Protection Detection Security risk detected: C:\\\\PROGRAM FILES\\\\TREND MICRO\\\\sss\\\\CORESERVICESHELL.EXE File: E:\\\\Program Files (x86)\\\\abc\\\\Symantec Endpoint Protection Manager\\\\bin\\\\USNWash.exe Location: E:\\\\Program Files (x86)\\\\Symantec\\\\Symantec Endpoint Protection Manager\\\\bin Computer: xxx User: SYSTEM Action taken: Leave Alone Date found: Wednesday, June 16, 2021 8:12:24 PM"}}}
