https://github.com/foxforensics/eventid
Lookup Windows event messages by their event id.
https://github.com/foxforensics/eventid
database event event-id event-logs evtx go lookup messages provider windows
Last synced: 12 days ago
JSON representation
Lookup Windows event messages by their event id.
- Host: GitHub
- URL: https://github.com/foxforensics/eventid
- Owner: foxforensics
- License: mit
- Created: 2025-12-19T12:37:36.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2026-05-10T19:56:11.000Z (about 1 month ago)
- Last Synced: 2026-05-18T23:30:54.750Z (25 days ago)
- Topics: database, event, event-id, event-logs, evtx, go, lookup, messages, provider, windows
- Language: Go
- Homepage: https://pkg.go.dev/go.foxforensics.dev/eventid
- Size: 5.19 MB
- Stars: 1
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
README
# EventID
Lookup Windows event messages by id and provider (up to Windows 10).
```console
go install go.foxforensics.dev/eventid@latest
```
## Usage
```console
$ eventid [PROVIDER:]ID...
```
## Acknowledgments
* Based on the [evtx-data](https://github.com/Velocidex/evtx-data/tree/master/welm) by [Velocidex](https://github.com/Velocidex).
* Based on the [WELM project](https://github.com/nsacyber/Windows-Event-Log-Messages) by [NSACyber](https://github.com/nsacyber).
## License
Released under the [MIT License](LICENSE.md).