evtx2bodyfile 1.0.0

Parses a lot of evtx files and prints a bodyfile

evtx2bodyfile-1.0.0 is not a library.

evtx2bodyfile

Parses a lot of evtx files and prints a bodyfile

Usage

# convert to bodyfile only
evtx2bodyfile Security.evtx >Security.bodyfile

# create a complete timeline
evtx2bodyfile *.evtx | mactime -d -b >evtx_timeline.csv