• Ritu Raj Gupta
• Ambreen Akhter
• Lalit Kumar
• Revathi T

All associations ensure their data and information to direct their business effectively because as per the current situation where cyberattacks are increasing and data security is significant and everybody ensures safety. Digital Forensics has different stages Acquisition, Identification, Evaluation, and Reporting in which acquisition is a time-consuming process, and capturing the right information is always a challenging task. In real scenarios, due to the lag between detection of an issue and the acquisition of the evidence, forensics doesn’t lead to effective analysis and conclusions. Digital forensics is not limited to a single operating system and it is already known different OS are deployed in a corporate environment. Each acquisition tool focuses only on one specific operating system, this usually means wasting time to find the right tool to acquire the right image at the time of the incident. The purpose of this paper is to minimize the analysis time during an attack by acquiring only the required data in real-time without affecting the victim’s machine during business hours and also transfer only the essential information for analysis that reduces network overheads, transfer time.

Digital Forensics, Operating system, Forensic investigation, Acquisition, Incident management.

"Automated Data Acquisition in SIEM for Incident Handling Process & Digital Forensics", International Journal of Emerging Technologies and Innovative Research (www.jetir.org), ISSN:2349-5162, Vol.9, Issue 6, page no.260-266, June-2022, Available :http://www.jetir.org/papers/JETIRFM06046.pdf

"Automated Data Acquisition in SIEM for Incident Handling Process & Digital Forensics", International Journal of Emerging Technologies and Innovative Research (www.jetir.org | UGC and issn Approved), ISSN:2349-5162, Vol.9, Issue 6, page no. pp260-266, June-2022, Available at : http://www.jetir.org/papers/JETIRFM06046.pdf