Training Information
Training Method: Face-to-face
Training Date: Will be scheduled once a sufficient number of preliminary applications are received.
Training Venue: Bursa Uludağ University Görükle Campus, Faculty of Economics and Administrative Sciences – C Block
If a sufficient number of participants is reached in other provinces, the training will also be conducted face-to-face in those locations at a later scheduled date.
Number of Participants: Minimum 20, maximum 30 participants.
If fewer than 20 participants enroll, the fees will be refunded, and the training will not be held. For more than 30 participants, additional groups will be formed based on registration order. Training schedules and details will be shared via WhatsApp prior to the start date.
Training Objective
The purpose of this training is to provide expertise in the examination of digital evidence, focusing on the analysis of data and log records. Participants will gain the technical knowledge and competence required to perform event-based forensic analysis effectively.
Note:
This training is organized to enhance the professional competence and knowledge of individuals who meet the qualifications announced by the Expert Witness Department, provided they have at least 5 years of practical experience in the relevant field.
The certificate obtained from this training cannot be used as proof of the 5-year work experience requirement in the expert witness application process.
Training Content
1. Importance and Legal Basis of Digital Evidence in Expert Witnessing
-
Law No. 6754 on Expert Witnessing and related regulations
-
The concept and legal validity of digital evidence
-
The role of log records in judicial processes
-
Duties, responsibilities, and impartiality principles of the expert witness
2. Introduction to Log and Data Records
-
What is a log? Types and sources of logs
-
System, application, and security logs
-
Log generation processes and timestamp concept
3. Technical Analysis of Log Records
-
Log formats: Syslog, JSON, CSV, XML, etc.
-
Log parsing and analysis methods
-
Filtering and correlation techniques for event detection
-
Time synchronization and anomaly detection
4. Tools and Software for Log Analysis
-
Core log analysis tools: ELK Stack (Elasticsearch, Logstash, Kibana), Splunk, Wireshark
-
Open-source and commercial tools
-
Practical examples and case studies
5. Examination of Network and System Logs
-
Windows and Linux system logs
-
Log collection from firewalls, IDS/IPS, and network devices
-
Email, web server, and application logs
-
Indicators of unauthorized access, data leaks, and malware
6. Reporting and Writing the Expert Report
-
Report structure and content requirements
-
Simplifying technical findings
-
Review of sample expert reports
-
Impartial interpretation and opinion formation
7. Applied Log Analysis Workshop
-
Real-world scenario-based log analysis
-
Individual and group case studies
-
Group project: Investigation of an incident using log data
-
Q&A and overall evaluation
Important Information
-
Participants with 80% or higher attendance will receive a Certificate of Participation.
-
Certificates will be sent via PTT Cargo after the program.
-
Participants must ensure their contact and address details are up to date.
-
Payments are accepted only through online channels.
-
No installment options are available for credit card payments.
-
For corporate invoices: 0850 840 8543
-
Contact: usem@uludag.edu.tr
-
Note: In the event of a valid cancellation, refund processing may take approximately one month due to internal administrative procedures.