topic ARP Spoof attack evidence in Splunk Search https://community.splunk.com/t5/Splunk-Search/ARP-Spoof-attack-evidence/m-p/679917#M232429 <P><SPAN>Hello everyone. I experienced a cyberattack on my computer, and the Avast Firewall detected and alerted me to pop-up messages. I intend to report the incident to the police for investigation, and they require me to have a log file containing details of this attack. The hard drive's Windows boot trail has been corrupted, leaving me only able to access the folders and files as an external drive. I need assistance in locating the correct folder and file of the cyber attack evidence. I possess a screenshot displaying the Avast warning message, which occurred on January 4, 2024.</SPAN></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="IMG-20240104-WA0010.jpg" style="width: 933px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/29637i678C0876A8655DA1/image-size/medium?v=v2&amp;px=400" role="button" title="IMG-20240104-WA0010.jpg" alt="IMG-20240104-WA0010.jpg" /></span></P><P>thank you&nbsp;</P><P>Daniel&nbsp;</P> Thu, 07 Mar 2024 09:22:27 GMT dklk 2024-03-07T09:22:27Z ARP Spoof attack evidence https://community.splunk.com/t5/Splunk-Search/ARP-Spoof-attack-evidence/m-p/679917#M232429 <P><SPAN>Hello everyone. I experienced a cyberattack on my computer, and the Avast Firewall detected and alerted me to pop-up messages. I intend to report the incident to the police for investigation, and they require me to have a log file containing details of this attack. The hard drive's Windows boot trail has been corrupted, leaving me only able to access the folders and files as an external drive. I need assistance in locating the correct folder and file of the cyber attack evidence. I possess a screenshot displaying the Avast warning message, which occurred on January 4, 2024.</SPAN></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="IMG-20240104-WA0010.jpg" style="width: 933px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/29637i678C0876A8655DA1/image-size/medium?v=v2&amp;px=400" role="button" title="IMG-20240104-WA0010.jpg" alt="IMG-20240104-WA0010.jpg" /></span></P><P>thank you&nbsp;</P><P>Daniel&nbsp;</P> Thu, 07 Mar 2024 09:22:27 GMT https://community.splunk.com/t5/Splunk-Search/ARP-Spoof-attack-evidence/m-p/679917#M232429 dklk 2024-03-07T09:22:27Z