https://github.com/acquiredsecurity/evtxecmd-rso-to-dataset
Use this script to download and run EvtxECmd on a Windows endpoint (using SentinelOne Remote Script Orchestration (RSO)), parse all event logs to CSV and JSON, and ship the results to DataSet.
Last synced: about 1 year ago
- Host: GitHub
- URL: https://github.com/acquiredsecurity/evtxecmd-rso-to-dataset
- Owner: acquiredsecurity
- Created: 2022-04-14T14:03:54.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2022-04-14T14:14:24.000Z (about 4 years ago)
- Last Synced: 2025-06-29T07:54:28.499Z (about 1 year ago)
- Language: PowerShell
- Size: 2.93 KB
- Stars: 3
- Watchers: 1
- Forks: 0
- Open Issues: 0