question in $logfile

General (Technical, Procedural, Software, Hardware etc.)

Last Post by joakims 12 years ago

2 Posts

2 Users

0 Reactions

486 Views

RSS

3ammary

(@3ammary)

Active Member

Joined: 12 years ago

Posts: 10

Topic starter 20/12/2013 2:14 am

how to get the time stamp of every transaction in the $logfile
thanks

Quote

joakims

(@joakims)

Estimable Member

Joined: 15 years ago

Posts: 224

20/12/2013 3:10 am

That's not easy to answer at all. You can try this one and see what you get; http//mft2csv.googlecode.com/files/LogFile_Parser_v1.0.0.13.zip

Quick answer is that not all transactions have timestamps to them. And for the rest of them it needs a little bit training to understand. Remember it is a log for all that is going on on a complex and advanced filesystem.

Other options are
1. http//code.google.com/p/ntfs-log-tracker/downloads/list
2. ANJP by David Cowen

I am not very familiar with the output of the last 2. However I am the author of the first one.

ReplyQuote

8 Forums
15.7 K Topics
92.3 K Posts
267 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed