1. Carta.tech
2. Packages
3. grokevt

• 6

  Section 1: Executable programs or shell commands

  grokevt-addlog.1

  A tool for adding a raw event log to an existing grokevt database.

  grokevt-builddb.1

  Builds a database tree based on a single windows system for the purpose of event log conversion.

  grokevt-dumpmsgs.1

  A tool for dumping the contents of message databases built previously by grokevt-ripdll(1).

  grokevt-findlogs.1

  Attempts to find log file fragments in raw binary files, such as memory dumps and disk images.

  grokevt-parselog.1

  Parse a windows event log and generate human-readable output based on message resources stored in a database.

  grokevt-ripdll.1

  A tool for extracting message resources from a pe-formatted file.

• 1

  Section 7: Miscellaneous

  grokevt.7

  A collection of scripts built for reading windows event log files.