
GrokEVT

Free

GrokEVT is a collection of Python scripts for reading the legacy Windows® NT/2K/XP/2K3 event log (.evt) files; it does not handle the XML-based .evtx format introduced with Vista. GrokEVT is released under the GNU GPL. The scripts work together on one or more mounted Windows® partitions to extract everything needed to turn the raw logs into human-readable output: the registry entries that name each event source's message DLL, the message templates stored in those DLLs, and the log files themselves. This matters because an .evt record stores only the insertion strings, not the message text, so without the matching templates a log can be listed but not fully read.
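The following is an added example, not GrokEVT's own code: a minimal parser for the .evt on-disk format that builds a small synthetic log in memory (constructed sample data), walks its EVENTLOGRECORD entries with bounds checks instead of trusting the header offsets, and renders each record against a message template. The template table, source name "ExampleSvc", computer "WS01" and event IDs are assumptions for illustration; in a real log the templates come from the EventMessageFile DLL that the registry names for each source, which this example does not look up.

```python
"""Minimal reader for the legacy Windows .evt event log format (added example)."""
import re
import struct
from datetime import datetime, timezone

SIGNATURE = b"LfLe"
# ELF_LOGFILE_HEADER: HeaderSize, Signature, Major, Minor, StartOffset, EndOffset,
# CurrentRecordNumber, OldestRecordNumber, MaxSize, Flags, Retention, EndHeaderSize
FILE_HEADER = struct.Struct("<I4s" + "I" * 10)        # 0x30 bytes
# EVENTLOGRECORD fixed part: Length, Reserved("LfLe"), RecordNumber, TimeGenerated,
# TimeWritten, EventID, EventType, NumStrings, EventCategory, ReservedFlags,
# ClosingRecordNumber, StringOffset, UserSidLength, UserSidOffset, DataLength, DataOffset
RECORD_HEADER = struct.Struct("<I4sIIIIHHHHIIIIII")   # 0x38 bytes
EVENT_TYPES = {1: "Error", 2: "Warning", 4: "Information",
               8: "Audit Success", 16: "Audit Failure"}
FLAG_DIRTY = 0x1   # set while the service has the log open: header offsets may be stale

# Assumption: stand-in message templates keyed by (source, full 32-bit EventID).
# GrokEVT extracts the real ones from the EventMessageFile DLLs named in the registry.
TEMPLATES = {
    ("ExampleSvc", 0x40001000): "Service %1 started by %2 on %3.",
    ("ExampleSvc", 0xC0001001): "Service %1 failed: %2.",
}

def _wstr(s):
    return s.encode("utf-16-le") + b"\x00\x00"

def _read_wstr(buf, pos):
    """Read a NUL-terminated UTF-16LE string at pos; return (text, next_pos)."""
    end = pos
    while end + 2 <= len(buf) and buf[end:end + 2] != b"\x00\x00":
        end += 2
    return buf[pos:end].decode("utf-16-le"), end + 2

def build_record(number, ts, event_id, event_type, category, source, computer,
                 strings, data=b""):
    """Serialize one EVENTLOGRECORD (no SID; offsets DWORD-aligned as on disk)."""
    body = _wstr(source) + _wstr(computer)
    body += b"\x00" * (-(RECORD_HEADER.size + len(body)) % 4)
    sid_off = str_off = RECORD_HEADER.size + len(body)   # UserSidLength == 0
    body += b"".join(_wstr(s) for s in strings)
    data_off = RECORD_HEADER.size + len(body)
    body += data
    body += b"\x00" * (-(RECORD_HEADER.size + len(body) + 4) % 4)
    length = RECORD_HEADER.size + len(body) + 4          # includes trailing Length copy
    head = RECORD_HEADER.pack(length, SIGNATURE, number, ts, ts, event_id, event_type,
                              len(strings), category, 0, 0, str_off, 0, sid_off,
                              len(data), data_off)
    return head + body + struct.pack("<I", length)

def build_evt(records):
    """Assemble file header + records + end-of-file record into a .evt image."""
    body = b"".join(records)
    start, end = FILE_HEADER.size, FILE_HEADER.size + len(body)
    eof = struct.pack("<10I", 0x28, 0x11111111, 0x22222222, 0x33333333, 0x44444444,
                      start, end, len(records) + 1, 1, 0x28)
    hdr = FILE_HEADER.pack(FILE_HEADER.size, SIGNATURE, 1, 1, start, end,
                           len(records) + 1, 1, 0x80000, 0, 0, FILE_HEADER.size)
    return hdr + body + eof

def parse_evt(buf):
    """Walk records by signature from StartOffset, bounds-checking every Length.
    Does not follow a wrapped (circular) log past the end of the buffer."""
    hdr = FILE_HEADER.unpack_from(buf, 0)
    if hdr[1] != SIGNATURE:
        raise ValueError("not an EVT file (missing LfLe signature)")
    pos, flags, out = hdr[4], hdr[9], []
    while pos + 8 <= len(buf):
        length, sig = struct.unpack_from("<I4s", buf, pos)
        if sig != SIGNATURE:                 # EOF record (0x11111111...) or garbage
            break
        if length < RECORD_HEADER.size or pos + length > len(buf):
            break                            # corrupt Length: never trust it blindly
        f = RECORD_HEADER.unpack_from(buf, pos)
        rec = buf[pos:pos + length]
        source, p = _read_wstr(rec, RECORD_HEADER.size)
        computer, _ = _read_wstr(rec, p)
        strings, p = [], f[11]
        for _ in range(f[7]):
            s, p = _read_wstr(rec, p)
            strings.append(s)
        out.append({"record": f[2], "time": datetime.fromtimestamp(f[3], tz=timezone.utc),
                    "event_id_raw": f[5], "event_id": f[5] & 0xFFFF,  # low 16 bits = viewer ID
                    "type": EVENT_TYPES.get(f[6], hex(f[6])), "category": f[8],
                    "source": source, "computer": computer, "strings": strings,
                    "data": rec[f[15]:f[15] + f[14]]})
        pos += length
    return {"dirty": bool(flags & FLAG_DIRTY), "records": out}

def render(template, strings):
    """FormatMessage-style %1..%n insertion (numbered inserts only)."""
    return re.sub(r"%(\d+)", lambda m: strings[int(m.group(1)) - 1]
                  if 0 < int(m.group(1)) <= len(strings) else m.group(0), template)

def render_records(parsed, templates):
    lines = []
    for r in parsed["records"]:
        tpl = templates.get((r["source"], r["event_id_raw"]))
        msg = render(tpl, r["strings"]) if tpl else " | ".join(r["strings"])
        lines.append(f'{r["time"]:%Y-%m-%d %H:%M:%S} {r["type"]} {r["source"]} '
                     f'{r["event_id"]} {r["computer"]} {msg}')
    return lines

def sample_records():
    """Constructed sample records (not real log data)."""
    return [build_record(1, 1100000000, 0x40001000, 4, 0, "ExampleSvc", "WS01",
                         ["Spooler", "SYSTEM", "WS01"]),
            build_record(2, 1100000060, 0xC0001001, 1, 0, "ExampleSvc", "WS01",
                         ["Spooler", "access denied"], data=b"\x01\x02\x03")]

if __name__ == "__main__":
    for line in render_records(parse_evt(build_evt(sample_records())), TEMPLATES):
        print(line)
```

Two things the block shows that a listing of GrokEVT cannot: the 32-bit EventID carries severity bits (0x40001000 displays as 4096) and message tables are keyed on the full value, and a forensic parser should stop on a bad Length or missing "LfLe" marker rather than trust a header that may have been written while the log was dirty.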

ALTERNATIVES

Democratizing graph-based security analysis by collecting assets and relationships from services and systems into an intuitive graph view. (Free)

HoneyView is a tool for analyzing honeyd logfiles graphically and textually. (Free)

Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries. (Commercial)

RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities. (Free)

Elasticsearch is a versatile platform for centralized data storage, fast search, and scalable analytics. (Free)

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON logs. (Free)

Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits. (Free)

Logdissect is a CLI utility and Python library for analyzing log files and other data. (Free)