Binary package “grokevt” in ubuntu oracular
scripts for reading Microsoft Windows event log files
GrokEVT is a collection of scripts built for reading Microsoft Windows
NT/2000/XP/2003 event log files.

Currently the scripts work together on one or more mounted Microsoft Windows
partitions to extract all information needed (registry entries, message
templates, and log files) to convert the logs to a human-readable format.

This program is useful in forensic investigations.
Source package
Published versions
- grokevt 0.5.0-5 in amd64 (Release)
- grokevt 0.5.0-6.1 in amd64 (Proposed)
- grokevt 0.5.0-6.1 in amd64 (Release)
- grokevt 0.5.0-5 in arm64 (Release)
- grokevt 0.5.0-6.1 in arm64 (Proposed)
- grokevt 0.5.0-6.1 in arm64 (Release)
- grokevt 0.5.0-5 in armhf (Release)
- grokevt 0.5.0-6.1 in armhf (Proposed)
- grokevt 0.5.0-6.1 in armhf (Release)
- grokevt 0.5.0-5 in i386 (Release)
- grokevt 0.5.0-6.1 in i386 (Proposed)
- grokevt 0.5.0-6.1 in i386 (Release)
- grokevt 0.5.0-5 in ppc64el (Release)
- grokevt 0.5.0-6.1 in ppc64el (Proposed)
- grokevt 0.5.0-6.1 in ppc64el (Release)
- grokevt 0.5.0-5 in riscv64 (Release)
- grokevt 0.5.0-6.1 in riscv64 (Proposed)
- grokevt 0.5.0-6.1 in riscv64 (Release)
- grokevt 0.5.0-5 in s390x (Release)
- grokevt 0.5.0-6.1 in s390x (Proposed)
- grokevt 0.5.0-6.1 in s390x (Release)