-
Got this backtrace on a file pulled from memory during an investigation. Let me know if you need/want anymore information. It parses a couple XML records before backtracing.
```
Traceback (most re…
-
In my case,I used the winlogbeat to read evtx file ;
In the beginning it's good for task ,the evtx file be read quickly.
But Suddenly I find a question - If the evtx file be write all the time(for e…
-
Good day to the developers,
thanks a lot for this good program.
I use it together with TranslucentTB (both latest version) and on Windows 11 23H2 it worked fine.
After now installing the latest…
-
**Description**
When I try to parse some of evtx files from this set [EVTX samples - EVTX-to-MITRE-Attack](https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack), EvtxECmd (latest version) displays s…
-
I'm not Go developer, but need to use this package to read `.evtx` file until create a json file. I already create 1 to learn how to use this package but still confused. Can anybody help?
```go
pa…
-
### Windows Version
Microsoft Windows [Version 10.0.26080.1400]
### WSL Version
2.1.5
### Are you using WSL 1 or WSL 2?
- [X] WSL 2
- [X] WSL 1
### Kernel Version
N/A
### Dist…
-
Hi,
When attempting to parse an evtx file as gathered by a collector on a Win server 2012 R2 box ; I get the following errors:
```
./evtx_dump.py Archive-ForwardedEvents-2017-07-19-09-54-122.e…
-
I get the error :
Failed to dump the next record.
Caused by:
0: Failed to parse record number 341
1: An error occurred while trying to serialize binary xml to output.
2: Building a …
-
**Describe the bug**
New install on a new laptop, has updated to 4.8.5. As soon as I click on Start Response Time Testing I get a pop-up of "Unexpected Error: Illegal Characters in Path"
**To Repr…
-
hi Willy,
I've this issue with `evtx_dump.py` on `Microsoft-Windows-Ntfs%4Operational.evtx` file (from Windows 10) :
```python
Traceback (most recent call last):
File "/usr/bin/evtx_dump.py", …