tomrade
commented
5 years ago Just realised your standardising Maps to standard fields so it could be too useful there with manual checking
Closed tomrade closed 5 years ago
tomrade
commented
5 years ago Just realised your standardising Maps to standard fields so it could be too useful there with manual checking
Hey this looks awesome , We currently use a python based tool (python-evtx) with maps we generated from https://github.com/nsacyber/Windows-Event-Log-Messages and https://github.com/nsacyber/Windows-Event-Log-Messages/blob/master/docs/Datasets.md as a starting point. Do you have any plans for maps at the moment?
Looking forward to trying this parser as python performance has always been an issue.