EVTX and Windows Event Logging

This paper will explore Microsoft's EVTX log format and Windows Event Logging framework. The EVTX data stream and structure will be defined as a basis for the Windows Event Logging framework and log subscription components that can be used to collect and correlate logs in a complex Windows-based...

By

Brandon Charter

November 13, 2008

All papers are copyrighted. No re-posting of papers is permitted

Related Content

Cybersecurity and IT Essentials, Cybersecurity Insights

October 24, 2024

The ABCs of Cybersecurity

A glossary of cybersecurity terminology that will help you quickly get up to speed on the industry’s terms and meanings.

Why SANS - Blog - Zero Trust - Best Practices for Securing Your Network with Zero Trust Network Access_340 x 340.jpg

Cybersecurity Insights

August 16, 2024

Best Practices for Securing Your Network with Zero Trust Network Access

Zero Trust Network Access has emerged from the rapidly evolving world of cybersecurity as a critical strategy for protecting networks.

Cybersecurity Insights

December 7, 2020

SANS Zoom Backgrounds

Download our Zoom backgrounds!