I m currently entrusted with the responsibility of checking SECURITY event log for any malicious activity.
For e.g. Event ID 560 comes under the Failure Security log, but it is an utter useless thing. The EVT file for one day has a size of around 500 MB. Imagine my plight; so i want to automate this process.