Monthly Archives: March 2016

How to parse Windows Eventlog

I often have to work with windows log files during incident response and every time it’s a very frustrating experience. Honestly, I think Windows logging system needs a complete rework. Windows logs for the most part completely useless with their cryptic messages, thousands of undocumented events and lack of any easy interface to work with. […]