CTM1 / win_ewf_extract

A Python framework for extracting artifacts from Windows Encase Disk Images
The Unlicense

Event Logs Extractor Implementation #14

Closed CTM1 closed 1 year ago

CTM1 commented 1 year ago

Extract all Event Logs as long as we know their names, and filter them by EventID if we want; there is an example config file in config/events.yml.

The .evtx files will be extracted, and .xml files will be created with the extracted events for each journal. The parsing to find the EventID is wonky, but it should work with every format.
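The EventID filter described in this PR, written out as an added example; this is not code from win_ewf_extract and it does not read config/events.yml. It assumes the config has already been loaded into a dict of the shape `{log_name: [event_ids]}` (the name `EVENT_FILTER`, the functions, and the sample XML are all constructed here). The EventID lookup works whether the rendered `<Event>` carries the Windows event namespace or not, and tolerates the legacy `Qualifiers` attribute on `<EventID>`, which is the kind of format variation that makes a naive string search unreliable.

```python
"""Filter rendered Windows event XML by EventID, per log name.

Added example; not part of win_ewf_extract. Assumes events are available
as the XML rendered from each .evtx and that the config has been loaded
into {log_name: [event_ids]} (an assumption about config/events.yml).
"""
import xml.etree.ElementTree as ET

# Constructed stand-in for a parsed config/events.yml: log name -> EventIDs to keep.
# An empty list means "keep every event from this log".
EVENT_FILTER = {
    "Security": [4624, 4625, 4720],
    "System": [7045],
    "Application": [],
}

# Constructed sample export: an <Events> wrapper around rendered events, mixing the
# namespaced modern form with a legacy form that uses the Qualifiers attribute.
SAMPLE_SECURITY_XML = """<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/>
    <EventID>4624</EventID><TimeCreated SystemTime="2023-01-01T10:00:00Z"/>
    <Computer>WS01</Computer></System>
  <EventData><Data Name="TargetUserName">alice</Data><Data Name="LogonType">10</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/>
    <EventID>4688</EventID><TimeCreated SystemTime="2023-01-01T10:00:05Z"/>
    <Computer>WS01</Computer></System>
</Event>
<Event>
  <System><Provider Name="Security"/>
    <EventID Qualifiers="0">4720</EventID><TimeCreated SystemTime="2023-01-01T10:01:00Z"/>
    <Computer>WS01</Computer></System>
</Event>
</Events>"""


def _local(tag):
    """Strip an XML namespace prefix ({ns}Name -> Name) from a tag."""
    return tag.rsplit("}", 1)[-1]


def event_id(event):
    """Return the integer EventID of one <Event> element, or None if absent.

    Walks System/EventID by local name so the namespace does not matter, and
    ignores the legacy Qualifiers attribute and surrounding whitespace.
    """
    for system in event:
        if _local(system.tag) != "System":
            continue
        for child in system:
            if _local(child.tag) == "EventID":
                text = (child.text or "").strip()
                return int(text) if text.isdigit() else None
    return None


def filter_events(xml_text, wanted_ids):
    """Yield (event_id, <Event> element) for events whose id is in wanted_ids.

    An empty wanted_ids keeps every event; events without a parseable EventID
    are skipped rather than raising.
    """
    root = ET.fromstring(xml_text)
    events = [root] if _local(root.tag) == "Event" else list(root)
    wanted = set(wanted_ids)
    for ev in events:
        if _local(ev.tag) != "Event":
            continue
        eid = event_id(ev)
        if eid is None:
            continue
        if not wanted or eid in wanted:
            yield eid, ev


def event_records(xml_text, log_name, config=EVENT_FILTER):
    """Return the kept events of one log as dicts {id, time, computer}.

    A log that is not listed in the config yields nothing, matching the
    "extract only the logs whose names we know" behaviour.
    """
    wanted = config.get(log_name)
    if wanted is None:
        return []
    records = []
    for eid, ev in filter_events(xml_text, wanted):
        system = next(c for c in ev if _local(c.tag) == "System")
        fields = {_local(c.tag): c for c in system}
        records.append({
            "id": eid,
            "time": fields["TimeCreated"].get("SystemTime") if "TimeCreated" in fields else None,
            "computer": fields["Computer"].text if "Computer" in fields else None,
        })
    return records


if __name__ == "__main__":
    for rec in event_records(SAMPLE_SECURITY_XML, "Security"):
        print(rec)
```

Matching on the element's local name rather than a regex over the raw text is what makes the lookup survive both rendered formats; the same `event_records` call can be run per journal with the log's name, and an empty ID list in the config turns the filter off for that journal.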