Bug#705327: grokevt-parselog: support operation without a database

Paul Wise pabs at debian.org
Sat Apr 13 07:15:03 UTC 2013

Package: grokevt
Version: 0.4.1-7
Severity: wishlist

grokevt-parselog requires a database, but I just received some
standalone .evtx files that I want to dump and I don't have access to
the Windows partition that they are from. It would be nice if grokevt
could parse standalone .evtx files.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/forensics-devel/attachments/20130413/4bc43532/attachment.pgp>

More information about the forensics-devel mailing list