How to Use KAPE and SQLECmd with EventTranscript.db September 21, 2021 Webcast

or to bookmark this page

Click here to bookmark this page

Click here to remove bookmark

EventTranscript.db, a recently discovered Windows 10+ artifact, can track and maintain a wealth of artifacts and data elements. Kroll’s Andrew Rathbun and Josh Mitchell found that Kroll Artifact Parser and Extractor (KAPE), leveraging the EventTranscriptDB Target and SQLECmd Module, will collect the database from any Windows 10+ system if the database is enabled and parse it accordingly.

Join Andrew and Josh for a 30-minute webcast as they walk through the benefits of using the EventTranscriptDB Target using KAPE, parsing EventTranscript.db using !EZParser or SQLECmd Modules and how to set up EventTranscriptDB SQLECmd Map within your local instance of KAPE.

Schedule: 1:00 p.m. – 1:30 p.m. (EST)

Key Takeaways

  • Overview of the DiagTrack service
  • Ways control mechanisms can impact logging
  • Data sampling and how to identify its presence
  • EventTranscript.db in everyday analysis
  • How EventTranscript.db can be the only location of certain information
  • Investigative workflow using the applicable KAPE Target and Module
 

Tools Used in This Session

 

Speakers

2021-09-21T00:00:00.0000000 0001-01-01T00:00:00.0000000 /-/media/kroll/images/events/2021/featured-images/kape-sqlecmd-with-eventtranscript.jpg /en/insights/events/2021/webcast-kape-and-sqlecmd-with-eventtranscript event {E39587AD-8F0B-4FE2-865F-969BC5501096} {09213578-A7CA-4DD8-AE97-7476022C89D6} {3A077BFC-C74A-40AF-A14C-13BCF6E3873E} {CE2347F0-D222-4014-BA97-6A415CC633DF} {2F9D4938-E5F0-4F9C-9A20-C4A5DCF79130} {7A48DD95-1A63-4784-842F-A2BE81EAFE13} {042F6B91-DC71-4D5F-BB23-BFA7E05A37CE} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}
Register Now

This field is required
This field is required
This field is required
This field is required
This field is required A valid email address is required
Please select an Option
This field is required
This field is required
We will use this information to respond to your inquiry and process your data in accordance with our privacy policy.

Other Areas We Can Help

Cyber Risk

Cyber Risk

Global, end-to-end cyber risk solutions.

Cyber Risk
Incident Response and Litigation Support

24x7 Incident Response

Compliant notifications, reputation-saving remediation, and litigation support.

24x7 Incident Response
Cyber Risk Retainers

Cyber Risk Retainers

Secure a true cyber risk retainer with elite digital forensics and incident response capabilities.

Cyber Risk Retainers
Kroll Nominated in Two Categories at the Advisen Cyber Risk Awards

Computer Forensics

Expert computer forensic assistance at any stage of a digital investigation or litigation.

Computer Forensics
Anti-Bribery & Corruption Benchmarking Report – 2020

Data Collection and Preservation

Collection and preservation of all electronic evidence including email servers, networks, and more.

Data Collection and Preservation

Insights

Cyber

Forensically Unpacking EventTranscript.db: An Investigative Series

Cyber
Cyber

KAPE Quarterly Update – Q2 2021

Cyber
Cyber

Initial Access Brokers: Fueling the Ransomware Threat  - The Monitor, Issue 17

Cyber
Compliance

The Importance of Jurisdictional Risk When Doing Business with Money Services Businesses

Compliance

Events

Kroll Alternative Investments Virtual Conference

Calendar

Location

Navigating Risks in Emerging Markets: Making Renewables Work in Africa

Calendar

Location