scraped_evtx

$ target-query <path/to/target> -f scraped_evtx

Details

Module	os.windows.log.evtx.EvtxPlugin
Output	records

Module documentation

Plugin for fetching and parsing Windows Eventlog Files (*.evtx)

Function documentation

Return EVTX log file records scraped from target disks