85d2fe1693
Ingest EVTX files into a Splunk instance. This tool is based on the work of : Omer BenAmram Blardy Thanks to Ekto for its contribution. Key features: - Splunk HEC support with token auto-creation - Splunk index auto-creation - Multiprocessing support - Caching for evtx reuse without reconverting - Windows and Linux compatibility - Rely on the great and fast evtx_dump Rust tool of Omer - Evtx message resolutions from database Note: evtx2splunk converts the EVTX to JSON and stores them in a temporary place. Hence, up to the size of source EVTX can be created during the process. These files are removed at the end of the process, except if keep_cache is enabled.
3 lines
276 B
Text
3 lines
276 B
Text
TIMESTAMP = 1682884324
|
|
SHA256 (whikernel-evtx2splunk-2.0.1-12bfda6cdd83ae392df9303d0140a2eaa936a62f_GH0.tar.gz) = a203a63d063d004975ac5d928030188501e119bc63dc6f995644f9aa1577a36c
|
|
SIZE (whikernel-evtx2splunk-2.0.1-12bfda6cdd83ae392df9303d0140a2eaa936a62f_GH0.tar.gz) = 7116809
|