Enhancing Event Log Analysis with EvtxECmd using KAPE

March 30, 2021 | Webcast


How much time are you spending manually parsing and sorting event logs? With EvtxECmd, digital forensics professionals can optimize Windows event log analysis through its unique mapping feature. Created by Eric Zimmerman, EvtxECmd can be called via the EZParser module in KAPE (another tool created by Eric Zimmerman) to process thousands of events in seconds and create structured CSV files that are much easier to read and manipulate.

In this session, Kroll’s Andrew Rathbun will demonstrate how to run EvtxECmd through KAPE to expedite event log analysis and how to create your own custom maps. 

Schedule: 1:00 p.m. – 1:45 p.m. (EST) 

Key Takeaways

  • Understand the basic KAPE workflow with the EZParser module that calls EvtxECmd 
  • The general outputs from EZParser and how they are formatted 
  • How EvtxECmd’s unique mapping feature works
  • What a map looks like with EvtxECmd and how to create one on your own
 

Tools used in this session:

 

Speaker: Andrew Rathbun, Senior Associate, Cyber Risk, Kroll
