Training Information

• Training Method: Face-to-Face (Formal) Training
• Training Date: It will be scheduled when a sufficient number of pre-applications is reached.
• Training Location: Bursa Uludağ University Görükle Campus
• Training Duration: 12 Hours (2 Days * 6 Hours)
• Training Process: A WhatsApp group will be created close to the training date and all announcements will be made there.
• Quota: Minimum 20, maximum 30 participants. If a minimum number of participants is reached in other 80 provinces outside Bursa, face-to-face training will be planned in your province. Training is not held with fewer than 20 participants; fees will be refunded. A new group will be formed for more than 30 applications.

Important Information 

This training has been organized to improve the professional development and increase the knowledge of individuals who meet the qualifications announced in the link below by the Department of Expertise, provided that they have at least 5 years of practical experience in their field.

The certificate obtained at the end of the training cannot be used as proof of the requirement of 5 years of practical experience in this field.

Sub-Expertise Qualifications

Purpose of the Training

The purpose of this training is to provide expertise in analyzing data and log records that qualify as digital evidence and to equip participants with the knowledge and competence to perform technical analysis in incident investigations.

Training Content

The Importance of Digital Evidence in Expertise and Legal Basis

• Law No. 6754 on Expertise and related regulations
• The concept of digital evidence and legal validity
• The role of log records in judicial processes
• Duties, responsibilities, and impartiality principle of the expert

Introduction to Logs and Data Records

• What is a log? Types and sources
• System, application, and security logs
• Log generation processes and the concept of timestamps

Technical Analysis of Log Records

• Log formats: Syslog, JSON, CSV, XML, etc.
• Log parsing methods
• Filtering and correlation techniques for event detection
• Time synchronization and anomaly detection

Software and Tools Used

• Basic log analysis tools: ELK Stack (Elasticsearch, Logstash, Kibana), Splunk, Wireshark
• Open-source and commercial software
• Practical analysis examples and case studies

Analysis of Network and System Logs

• Windows and Linux system logs
• Collecting logs from firewalls, IDS/IPS, and network devices
• Email, web server, and application logs
• Unauthorized access, data breaches, and malware traces

Reporting Logs and Writing Expert Reports

• Report format and content requirements
• Simplifying technical findings
• Review through sample expert reports
• Impartiality, interpretation, and opinion formation

Applied Log Analysis Workshop

• Log analysis based on real scenarios
• Participant-based case analyses
• Group work: examining an incident based on log data
• Q&A and general evaluation

Important Notice

• A Certificate of Participation is given to those with 80% or more attendance.
• Certificates are sent via PTT Cargo after the training. Keeping address and contact information up to date is the participant's responsibility.
• For all questions: usem@uludag.edu.tr
• Payment is accepted only online.
• Installment payment by credit card is not available.
• For corporate invoices: 0850 840 8543

Attention: If participants who have completed their final registration cannot attend the training for a valid reason and request cancellation, the refund process may take approximately 1 month due to internal procedures of the revolving fund management. Please consider this before final registration.