Is it possible to analyse Windows XP event logs using Linux-based / FOSS tools?
Thanks!
Posted : 13/02/2008 6:55 pm
Yes. I have written Perl code for analyzing .evt files that is based on parsing the files on a binary level, without using the MS API at all.
Posted : 13/02/2008 7:25 pm
Also, check out PyFlag.
Posted : 13/02/2008 7:25 pm
jhooker,
Absolutely. Both Delve and grokevt may be used to read EVT files.
regards,
farmerdude
Posted : 15/02/2008 7:06 pm