alexkornitzer
commented
2 years ago As in supporting other event log formats that are not evtx? Or handling evtx files that do not have the evtx extension?
Closed jurelou closed 2 years ago
alexkornitzer
commented
2 years ago As in supporting other event log formats that are not evtx? Or handling evtx files that do not have the evtx extension?
jurelou
commented
2 years ago I mean handling evtx files that do not have the evtx extension
alexkornitzer
commented
2 years ago Awesome, cause that is on the list for v2, extension will no longer matter. It can be easily backported to v1 too to be honest.
alexkornitzer
commented
2 years ago This is addressed in v2.0.0-alpha.0
I can see that chainsaw only supports files with
evtxextension. https://github.com/countercept/chainsaw/blob/master/src/util.rs#L56Would it be possible to add a command line argument to check for a different file extension ?
thanks !