Create lab4-log-analysis.md

ngvuthdanhh · web-flow · commit cf602237ed90 · 2025-12-05T12:56:15.000+07:00
diff --git a/labs/lab4-log-analysis.md b/labs/lab4-log-analysis.md
@@ -0,0 +1,15 @@
+# Lab 4 – Log Analysis & Triage
+
+## Objective
+Analyze log data to detect compromise indicators.
+
+## Tasks
+1. Review firewall, EDR, and system logs.
+2. Extract anomalies or failed authentication patterns.
+3. Identify potential malicious IPs.
+4. Correlate cross-log events.
+
+## Expected Output
+- IOC summary  
+- Suspicious patterns list  
+- Log artifact screenshots  
