Windows Clearing Event Logs
It is unlikely that event log data would be cleared during normal operations and it is likely that a malicious attacker may try to cover their tracks by clearing an event log. When an event log gets cleared, it is suspicious. Centrally collecting events has the added benefit of making it much harder for an attacker to cover their tracks. Event forwarding permits sources to forward multiple copies of a collected event to multiple collectors thus enabling redundant event collection. Using a redundant event collection model can minimize the single point of failure risk.
Related Solution
AIS Managed SIEM
Explore our Solutions
AIS delivers a wide range of technology solutions, managed services, and consulting services that allow businesses to compete in today’s market. Whether deploying AIS solutions or other best-of-breed tools, the experienced, reliable AIS team delivers projects on time while streamlining IT services.

AIS Labs
AIS offers a variety of technology solutions leveraging enterprise open-source software, developed and maintained by AIS engineers. These include AIS Managed Firewall, NMS, SIEM, and VoIP.
Last modified
September 14, 2021