The NTFS USN Change journal is a volume-specific log which records metadata changes to files. It is a treasure trove of information during a forensic investigation. The change journal is a named alternate data stream, located at: $Extend\$UsnJrnl:$J. usn.py is a script written in Python which parses the journal's contents, and features several different output formats.

Default Output

With no command-line options set, usn.py will produce USN journal records in the format below:

    dev@computer:$ python usn.py -f usnjournal -o /tmp/usn.txt
    dev@computer:$ cat /tmp/usn.txt
    2016-01-26 18:56:20.046268 | test.vbs | ARCHIVE | DATA_OVERWRITE DATA_EXTEND

Command-Line Options

    optional arguments:
      -h, --help            show this help message and exit
      -b, --body            Return USN records in comma-separated format
      -c, --csv             Return USN records in comma-separated format
      -f FILE, --file FILE  Parse the given USN journal file
      -q, --quick           Parse a large journal file quickly
      -s SYSTEM, --system SYSTEM
                            System name (use with -t)
      -t, --tln             TLN output (use with -s)
      -v, --verbose         Return all USN properties for each record (JSON)

--csv

Using the CSV f
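An added example, not taken from usn.py: a minimal parser for USN_RECORD_V2 entries that renders them in the default output layout shown above. The record layout follows Microsoft's documented structure; the function names, the reduced flag tables and the sample bytes are constructed for illustration.

```python
import struct
from datetime import datetime, timedelta

# USN_RECORD_V2 fixed header (60 bytes, little-endian), as documented by Microsoft
HEADER = struct.Struct("<IHHQQqQIIIIHH")
EPOCH = datetime(1601, 1, 1)  # FILETIME counts 100 ns ticks from this date (UTC)
# Subset of the USN_REASON_* and FILE_ATTRIBUTE_* flags, for brevity
REASONS = {0x1: "DATA_OVERWRITE", 0x2: "DATA_EXTEND", 0x4: "DATA_TRUNCATION",
           0x100: "FILE_CREATE", 0x200: "FILE_DELETE", 0x1000: "RENAME_OLD_NAME",
           0x2000: "RENAME_NEW_NAME", 0x80000000: "CLOSE"}
ATTRS = {0x1: "READONLY", 0x2: "HIDDEN", 0x4: "SYSTEM", 0x10: "DIRECTORY", 0x20: "ARCHIVE"}

def flag_names(value, table):
    return " ".join(name for bit, name in table.items() if value & bit)

def parse_usn(buf):
    """Yield a dict for each USN_RECORD_V2 in buf, skipping sparse and corrupt regions."""
    pos = 0
    while pos + HEADER.size <= len(buf):
        (rec_len, major, _, _, _, usn, ts, reason,
         _, _, attrs, name_len, name_off) = HEADER.unpack_from(buf, pos)
        # Zero length means sparse padding; the other checks reject corrupt headers.
        if (rec_len < HEADER.size or major != 2 or pos + rec_len > len(buf)
                or name_off < HEADER.size or name_off + name_len > rec_len):
            pos += 8  # records are 8-byte aligned, so resynchronise on that boundary
            continue
        raw = buf[pos + name_off:pos + name_off + name_len]
        yield {"usn": usn, "timestamp": EPOCH + timedelta(microseconds=ts // 10),
               "name": raw.decode("utf-16-le", errors="replace"),
               "attributes": flag_names(attrs, ATTRS), "reasons": flag_names(reason, REASONS)}
        pos += (rec_len + 7) & ~7

def format_default(rec):
    """Render a record in the pipe-separated layout shown in the tool's default output."""
    return "{timestamp} | {name} | {attributes} | {reasons}".format(**rec)

def make_sample():
    """Constructed input: 16 bytes of sparse padding followed by one V2 record."""
    name = "test.vbs".encode("utf-16-le")
    ts = (datetime(2016, 1, 26, 18, 56, 20, 46268) - EPOCH) // timedelta(microseconds=1) * 10
    rec_len = (HEADER.size + len(name) + 7) & ~7
    hdr = HEADER.pack(rec_len, 2, 0, 0, 0, 4096, ts, 0x3, 0, 0, 0x20, len(name), HEADER.size)
    return bytes(16) + (hdr + name).ljust(rec_len, b"\0")

if __name__ == "__main__":
    for record in parse_usn(make_sample()):
        print(format_default(record))
```

Timestamps in the journal are UTC, so correlate them with other artifacts in UTC before building a timeline.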
USN-Journal-Parser is a Python script to parse the NTFS USN Change Journal. It is a Security Operations solution designed to help security teams with File Analysis.
USN-Journal-Parser is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/PoorBillionaire/USN-Journal-Parser/ for download and installation instructions.
USN-Journal-Parser is for security teams and organizations that need File Analysis. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions.