GrokEVT is a collection of scripts built for reading Microsoft Windows
NT/2000/XP/2003 event log files.
.
Currently the scripts work together on one or more mounted Microsoft Windows
partitions to extract all information needed (registry entries, message
templates, and log files) to convert the logs to a human-readable format.
.
This program is useful in forensics investigations.
Installed Size: 123.9 kB
Architectures: all