Lib.rs

#lot #parses #prints #bodyfile #convert #security #evtx

app evtx2bodyfile

Parses a lot of evtx files and prints a bodyfile

Owned by Jan Starke.

5 releases (stable)

1.3.0 May 2, 2023
1.2.0 Nov 14, 2022
1.1.0 Oct 30, 2022
1.0.0 Jul 25, 2022
0.2.0 Feb 28, 2022

#8 in #parses

39 downloads per month

GPL-3.0 license

31KB
274 lines

evtx2bodyfile

Parses a lot of evtx files and prints a bodyfile

Usage

# convert to bodyfile only
evtx2bodyfile Security.evtx >Security.bodyfile

# create a complete timeline
evtx2bodyfile *.evtx | mactime2 -d -b >evtx_timeline.csv

Dependencies

~17–27MB
~374K SLoC