EricZimmerman evtx issues

EricZimmerman / evtx

C# based evtx parser with lots of extras

MIT License

282 stars 59 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Add new maps, minor updates

#91 AndrewRathbun closed 3 years ago
0
error parse evtx as the map is empty

#90 naderhabbbab closed 3 years ago
3
Add new maps, minor fixes, added documentation

#89 AndrewRathbun closed 3 years ago
0
Update Microsoft-Windows-Kernel-PnP-Configuration_Microsoft-Windows-K…

#88 AndrewRathbun closed 3 years ago
0
Add new maps

#87 AndrewRathbun closed 3 years ago
0
Add Varonis Maps

#86 AndrewRathbun closed 3 years ago
0
Create Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-…

#85 AndrewRathbun closed 3 years ago
0
Add new maps, minor fixes

#84 AndrewRathbun closed 3 years ago
0
Add new maps

#83 AndrewRathbun closed 3 years ago
0
Add new maps

#82 AndrewRathbun closed 3 years ago
0
Add new maps

#81 AndrewRathbun closed 3 years ago
0
add new maps

#80 hyuunnn closed 3 years ago
0
add maps

#79 hyuunnn closed 3 years ago
2
add maps

#78 hyuunnn closed 3 years ago
0
Minor corrections

#77 AndrewRathbun closed 3 years ago
0
New maps, update existing, update guide

#76 AndrewRathbun closed 3 years ago
0
fix maps

#75 hyuunnn closed 3 years ago
0
BITS maps

#74 forensenellanebbia closed 3 years ago
0
Create Security_Microsoft-Windows-Security-Auditing_4656.map

#73 AndrewRathbun closed 3 years ago
0
New map, add documentation

#72 AndrewRathbun closed 3 years ago
0
New map ideas

#71 AndrewRathbun closed 3 years ago
24
Update filenames, new maps, minor fixes, etc

#70 AndrewRathbun closed 3 years ago
0
add new maps

#69 hyuunnn closed 3 years ago
0
add new map

#68 hyuunnn closed 3 years ago
0
4625: added lookups for failure reasons

#67 forensenellanebbia closed 3 years ago
0
New maps, update maps, and add documentation

#66 AndrewRathbun closed 3 years ago
0
Fixing a missing quote in description

#65 anelshaer closed 3 years ago
1
Parsing issue with WMI 5860

#64 anelshaer closed 3 years ago
5
Add maps, update existing

#63 AndrewRathbun closed 3 years ago
0
Standardization Updates and Examples Added

#62 AndrewRathbun closed 3 years ago
0
Update Documentation and Event Examples

#61 AndrewRathbun closed 3 years ago
0
Standardization and Documentation Updates

#60 AndrewRathbun closed 3 years ago
0
Added LogonIDs and ActivityIDs

#59 forensenellanebbia closed 3 years ago
0
New maps for Citrix events

#58 forensenellanebbia closed 3 years ago
2
Update filename

#57 AndrewRathbun closed 3 years ago
0
Add documentation

#56 AndrewRathbun closed 3 years ago
0
Rename map

#55 AndrewRathbun closed 3 years ago
0
Minor tweaks and standardization fixes

#54 AndrewRathbun closed 3 years ago
0
Rename/Standardize Microsoft-Windows-WPD-MTPClassDriver 1005

#53 AndrewRathbun closed 3 years ago
0
Standardized all maps. Added Documentation.

#52 AndrewRathbun closed 3 years ago
0
Standardization of Map Naming Convention, Update README

#51 AndrewRathbun closed 3 years ago
0
Create Microsoft-DriverFrameworks-UserMode_2100.map

#50 AndrewRathbun closed 3 years ago
0
Standardize Providers in all maps

#49 AndrewRathbun closed 3 years ago
0
Update Sysmon Logs

#48 AndrewRathbun closed 3 years ago
0
Maps: same Channel + Event ID, but different Providers

#47 karch4n6 closed 3 years ago
11
add new maps

#46 hyuunnn closed 3 years ago
0
add new maps

#45 hyuunnn closed 3 years ago
1
New maps, various fixes

#44 AndrewRathbun closed 3 years ago
0
New maps

#43 AndrewRathbun closed 3 years ago
0
Various fixes

#42 AndrewRathbun closed 3 years ago
0

Previous Next