Open Fennecai opened 5 years ago
Fennecai
commented
5 years ago Found a way but have no idea how to use said way. Using process monitor (https://docs.microsoft.com/en-us/sysinternals/downloads/procmon) to generate an xml from a specific set of filters- however, when i try to use my generated xml file, i get the error that its not the right format. Some docs on what is would be nice!
mschilli87
commented
5 years ago @Fennecai
... i get the error that its not the right format. Some docs on what is would be nice!
Have you checked the wiki? Found this by a simple search. Hope it helps.
Fennecai
commented
5 years ago @Fennecai
... i get the error that its not the right format. Some docs on what is would be nice!
Have you checked the wiki? Found this by a simple search. Hope it helps.
it doesnt answer how i should format an xml. i already knew about that. its just how to format a .log but says nothing about xml at all.
mathieu-aubin
commented
5 years ago The answer you got points straight to what you need.
Custom log is pipe delimited following simple rules described on the page you got.
must convert your xml to suitable/acceptable log data
This tool is amazing. i love it, and i would also love to create visualizations like this for the windows MFT or similar filesystem list locally. It'd have to be based apon the file creation, last write, and last accessed dates present in the file meta but i think it can be done. maybe not showing which user did what but just showing the deletions and adds and stuff of all the files.
I have this idea because im currently about to re-install windows for like, the 3rd time in the years i've had this pc, and i think it'd be really cool to see how the file system changes over time by the time i finally have to re-install for the 4th iteration.