Windows XP Event Logs

(@jhooker)
Posts: 17
Active Member
Topic starter
 

Is it possible to analyse Windows XP event logs using Linux-based / FOSS tools?

thanks!

 
Posted : 13/02/2008 6:55 pm
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

Yes. I have written Perl code for analyzing .evt files that is based on parsing the files on a binary level without using the MS API at all.

 
Posted : 13/02/2008 7:25 pm
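As an added illustration of the binary-level approach mentioned in the post above (this is not keydet89's Perl code, nor code from any tool named in this thread), the Python sketch below carves records out of an .evt file by their `LfLe` signature, using the field layout of Microsoft's documented EVENTLOGRECORD structure. The function names and the sample record are constructed for this example.

```python
import struct
from datetime import datetime, timezone

MAGIC = b"LfLe"                      # signature in the file header and every record
REC = struct.Struct("<I4s4I4H6I")    # 56-byte fixed part of EVENTLOGRECORD

def _wstr(buf, off):
    """Read a NUL-terminated UTF-16LE string; return (text, offset after NUL)."""
    end = off
    while end + 1 < len(buf) and buf[end:end + 2] != b"\0\0":
        end += 2
    return buf[off:end].decode("utf-16-le", "replace"), end + 2

def parse_evt(data):
    """Carve records by signature so a damaged file header does not matter."""
    records, pos = [], data.find(MAGIC)
    while pos != -1:
        start, pos = pos - 4, data.find(MAGIC, pos + 4)
        if start < 0 or start + REC.size > len(data):
            continue
        f = REC.unpack_from(data, start)
        rec = data[start:start + f[0]]
        # Skip the 48-byte file header and truncated/wrapped records (lengths must match).
        if f[0] < REC.size + 4 or len(rec) < f[0] or rec[-4:] != rec[:4]:
            continue
        source, off = _wstr(rec, REC.size)
        computer, _ = _wstr(rec, off)
        strings, soff = [], f[11]            # f[11] = StringOffset
        for _ in range(f[7]):                # f[7] = NumStrings
            text, soff = _wstr(rec, soff)
            strings.append(text)
        records.append({"record": f[2], "event_id": f[5] & 0xFFFF, "type": f[6],
                        "generated": datetime.fromtimestamp(f[3], timezone.utc),
                        "source": source, "computer": computer, "strings": strings})
    return records

def sample_record():
    """Constructed sample, not taken from a real log."""
    names = "Security\0XPHOST\0".encode("utf-16-le")
    strings = "jdoe\0WORKGROUP\0".encode("utf-16-le")
    str_off = REC.size + len(names)
    end = str_off + len(strings)
    length = (end + 4 + 3) & ~3              # DWORD-align, incl. trailing length
    fixed = REC.pack(length, MAGIC, 1, 1202929200, 1202929200, 528, 8, 2, 2, 0,
                     0, str_off, 0, end, 0, end)
    return (fixed + names + strings).ljust(length - 4, b"\0") + struct.pack("<I", length)

if __name__ == "__main__":
    print(parse_evt(sample_record()))
```

Records that wrap around the end of a circular log are skipped here rather than reassembled; the user SID and binary data fields are also left undecoded.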
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

Also, check out PyFlag.

 
Posted : 13/02/2008 7:25 pm
(@farmerdude)
Posts: 242
Estimable Member
 

jhooker,

Absolutely. Both Delve and grokevt may be used to read EVT files.

regards,

farmerdude

 
Posted : 15/02/2008 7:06 pm