These are collected in chronological order from most recent of some posts (not all) around the following topics.
Infosec career advice
Forensics - where to start? https://www.reddit.com/r/AskNetsec/comments/bjyz1b/forensics_where_to_start_practicing/emesxi9/
Active Directory
Collecting Domain Controller event logs: https://www.reddit.com/r/QRadar/comments/cml9oc/collect_domain_controller_event_logs/f0ygoli/
Auditing AD: https://www.reddit.com/r/sysadmin/comments/d4jz6g/auditing_ad/f0taryd/ and some very useful links including https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
Windows Server log monitoring
Collecting Windows Events and Splunk https://www.reddit.com/r/Splunk/comments/ce1ajv/collecting_windows_logins_events_specifically/ety1hgg/
RDP logging https://www.reddit.com/r/sysadmin/comments/cd3ln0/help_monitoring_active_sessionuse_time/ettzh56/
AMSI logging https://www.reddit.com/r/QRadar/comments/cb7h6f/amsi_logging/etjt9cn/
Using ETW Providers to log (ie keylogging via ETW traces) https://www.reddit.com/r/AskNetsec/comments/bbt87f/best_practice_for_security_against_keyloggers/ekmrpj0/
USB ETW Provider https://www.reddit.com/r/sysadmin/comments/b999sw/how_to_monitor_exactly_who_is_writing_what_to_a/ek3xk2f/
PowerShell
https://www.reddit.com/r/sysadmin/comments/b6uyta/is_powershell_useful/ejnh287/
https://www.reddit.com/r/AskNetsec/comments/avf88l/red_v_blue_team_example/eiow1r6/
DNS logging
Microsoft IIS
https://www.reddit.com/r/sysadmin/comments/cxi3vr/what_is_a_simple_syslog_agent_for_windows/ezpycuw/
https://www.reddit.com/r/sysadmin/comments/d0522y/iisw3c_log_monitor_realtime_alerts/ez6p5wm/
https://www.reddit.com/r/sysadmin/comments/cxi3vr/what_is_a_simple_syslog_agent_for_windows/eymd80g/
https://www.reddit.com/r/sysadmin/comments/cxi3vr/what_is_a_simple_syslog_agent_for_windows/eyl7zwj/
Log collection and better security
Implement file integrity monitoring over configuration file changes https://www.reddit.com/r/sysadmin/comments/c6gcqw/how_do_you_log_configuration_changes/etbvx1w/
OWASP zaproxy https://www.reddit.com/r/AskNetsec/comments/bkmja3/list_or_cheatsheet_of_chrome_dev_tools_exploits/emih611/
Using event logs to deal with obfuscation - https://www.reddit.com/r/AskNetsec/comments/cz8ivg/how_do_you_see_through_obfuscation/eyxavte/
Please forward your logs https://www.reddit.com/r/AskNetsec/comments/bc5e5g/is_there_any_valid_reason_to_delete_windows/ekpb4sy/
Yes - use encryption when you ship your event logs! https://www.reddit.com/r/sysadmin/comments/ctltux/event_log_shipping_encrypted_being_unnecessarily/exqhss4/ and https://www.reddit.com/r/sysadmin/comments/ctltux/event_log_shipping_encrypted_being_unnecessarily/exm2x0x/
Look into events that show Indicators of Compromise and Indicators of Attack. https://www.reddit.com/r/sysadmin/comments/cdg2v9/what_do_you_usually_monitorlog_in_your_environment/etu0j16/
https://www.reddit.com/r/cybersecurity/comments/b69db1/top_cybersecurity_threats/ejk78hd/
Why centralize logging: https://www.reddit.com/r/aws/comments/a754le/what_is_centralized_logging_and_why_should_we_use/ec1fwwi/
Monitoring of logging https://security.stackexchange.com/questions/203428/monitoring-of-logging/204432#204432
I detected someone probing my site for weaknesses, what can I do about it? https://security.stackexchange.com/questions/197038/i-detected-someone-probing-my-site-for-weaknesses-what-can-i-do-about-it/197044#197044
Auditing and compliance
Windows event log - Audit failure https://security.stackexchange.com/questions/204879/windows-event-log-security-audit-failure/206294#206294
Prove log files weren’t tampered with https://security.stackexchange.com/questions/202709/prove-log-files-werent-tampered-with/203418#203418
Log and file auditing https://security.stackexchange.com/questions/196769/log-and-file-auditing/197047#197047
Misc for event log shipping
Netflow / Networking
Netflow https://www.reddit.com/r/networking/comments/ck14uq/nxlogs_netflow_to_syslogs/evjcs10/
Bro security network monitor https://www.reddit.com/r/networking/comments/beebde/network_tools_for_monitoring/el7rn9x/
nmap scans https://www.reddit.com/r/AskNetsec/comments/a1i3gl/how_do_you_detect_nmap_scans/eazsijz/
Other questions
Docker logging https://www.reddit.com/r/sysadmin/comments/bepkxf/is_docker_still_popular_or_widely_used/el7s00i/
https://www.reddit.com/r/sysadmin/comments/ax1kaz/powershell_script_for_audit_logs/ehu876h/
https://www.reddit.com/r/selfhosted/comments/abtb1i/email_security_lab/edk6z7m/
Setting up OWASP authentication against 2 page form authentication https://security.stackexchange.com/questions/206160/setting-up-owasp-zap-authentication-against-2-page-forms-authenication/206292#206292
This post is being updated throughout the year