Category,URL
Andrea Fortuna,https://www.andreafortuna.org/2019/06/12/windows-security-event-logs-my-own-cheatsheet/
Mike Lombardi,https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1511904841.pdf
NSA,https://github.com/nsacyber/Event-Forwarding-Guidance/tree/master/Events
Microsoft AD,https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor
SANS Forensics Guidance,https://isc.sans.edu/forums/diary/Windows+Events+log+for+IRForensics+Part+1/21493/
Michael Gough,https://www.malwarearchaeology.com/cheat-sheets
Hunters Forge,https://github.com/hunters-forge/OSSEM/tree/master/attack_data_sources
JP-CERT,https://www.jpcert.or.jp/english/pub/sr/20170612ac-ir_research_en.pdf
ASD,https://www.cyber.gov.au/acsc/view-all-content/publications/windows-event-logging-and-forwarding
Splunk UBA,https://docs.splunk.com/Documentation/UBA/latest/GetDataIn/WindowsEvents
Sygnia Golden SAML,https://www.sygnia.co/golden-saml-advisory
JSCU-NL,https://github.com/JSCU-NL/logging-essentials
Michel de CREVOISIER,https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack