GrokEVT Related Links
- evt_log_parse.txt - the program from which this project is loosely derived.
- pymavis - portions of the DLL parsing code are derived from this script.
- Andreas Schuster's Blog - Andreas has helped GrokEVT a great deal and he also provides a parser for newer Evtx files
Content on this page, unless otherwise indicated, is © 2002-2015 Sentinel Chicken Networks.
Reproduction is authorized under our terms.