scraped_evt

$ target-query <path/to/target> -f scraped_evt

Details

Module	dissect.target.plugins.os.windows.log.evt.EvtPlugin
Output	records

Module documentation

Windows .evt event log plugin.

Function documentation

Yields EVT log file records scraped from target disks