-
Wondered if there were plans to read EVTX logs?
These are binary XML logs used by Windows. The logs themselves can be converted to XML (and then to JSON for example), however there is heavy use of …
-
Currently there is only support for process creation events; we'd like to add support for additional event IDs.
We'd like to work on this issue. Can you assign it to us? @julieces @carlyabraham @al…
-
Would it be possible to add a `--low-memory-mode` option for Takajo, similar to the recently added option in Hayabusa?
I often process Windows Event Forwarding (WEF) logs (ForwardedEvents.evtx), wh…
-
Sorry for adding this as an issue, but I did not find a better way of asking this question:
Are there any plans for releasing a new version to PyPI with the relaxed version dependencies? The last r…
-
Hi there! Great tool, I got it to ingest Security.evtx and Application.evtx, but when I try to ingest System.evtx I always get a parsing error. I have a very basic understanding of programming logic, …
-
In a [recent discussion](https://twitter.com/DavidPany/status/1266779174901071872), it became clear to me that there's a desire for evtx tooling that supports an offline database of templates. Here's …
-
Is there anything special I need to do to get it to understand the EVTX files from a Win7 machine? Installed dependencies, all looks well but when I run it, I get this:
```
/event2timeline-master$ pyth…
```
-
I'm looking for a PowerShell script that will allow me to point at a folder filled with evt and/or evtx files and convert each to a csv and/or txt file.
-
Hi, when I import my event log, I get these errors, but the sample Security.evtx is good. Why?
$ sudo python3 logontracer.py --delete -e ./security.evtx -z +8 -u neo4j -p passwrod -s 192.168.1.69
[*]…
-
Following the documentation, I tried to ingest in gulp the data available in `./samples` directory as mentioned [here](https://github.com/mentat-is/gulp/blob/develop/docs/Install%20Dev.md#1-test).
…