certego / evtxtoelk Public

forked from dgunter/evtxtoelk

Notifications You must be signed in to change notification settings
Fork 1
Star 0

A lightweight tool to load Windows Event Log evtx files into Elasticsearch.

0 stars 31 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
Dockerfile		Dockerfile
LICENSE.txt		LICENSE.txt
README.rst		README.rst
apply_mapping.sh		apply_mapping.sh
clear_index.sh		clear_index.sh
evtxtoelk.py		evtxtoelk.py
requirements.txt		requirements.txt

Repository files navigation

EvtxtoElk

A lightweight tool to load Windows Event Log evtx files into Elasticsearch.

Examples

We wrote a blog on basic usage here https://dragos.com/blog/20180717EvtxToElk.html

More details will be posted here shortly.

About

A lightweight tool to load Windows Event Log evtx files into Elasticsearch.

Custom properties

Report repository

Releases 1

Mapped some evtx output fields to winlogbeat fileds Latest

Packages

No packages published

Languages

Python 93.9%
Shell 3.1%
Dockerfile 3.0%