https://github.com/virustotal/vt-windows-event-stream

Stream windows events to a file.
https://github.com/virustotal/vt-windows-event-stream

Last synced: 9 months ago
JSON representation

Stream windows events to a file.

Host: GitHub
URL: https://github.com/virustotal/vt-windows-event-stream
Owner: VirusTotal
License: apache-2.0
Created: 2022-01-18T11:25:20.000Z (over 4 years ago)
Default Branch: main
Last Pushed: 2024-01-26T15:58:11.000Z (over 2 years ago)
Last Synced: 2025-04-12T19:14:36.980Z (about 1 year ago)
Language: C++
Size: 19.9 MB
Stars: 8
Watchers: 23
Forks: 5
Open Issues: 0
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE.txt

Awesome Lists containing this project

README

# vt-windows-event-stream
Tool to stream windows events to a file.
This is a demo tool inspired by:
* https://docs.microsoft.com/en-us/windows/win32/wes/subscribing-to-events
* https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

## Command line usage
Example usage with command line:

```
vt-windows-event-stream.exe
vt-windows-event-stream.exe Microsoft-Windows-Sysmon/Operational c:\sysmon.xml
vt-windows-event-stream.exe Microsoft-Windows-Sysmon/Operational \\server\tmp\sysmon.xml
vt-windows-event-stream.exe Security \\server\tmp\security.xml
vt-windows-event-stream.exe Microsoft-Windows-Powershell/Operational \\server\tmp\ps.xml

```

## DLL usage
* Call DLL directly see [headers](event-stream-dll/event-stream.h)
* See [importeventlogs.au3](importeventlogs.au3) example

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/virustotal/vt-windows-event-stream

Awesome Lists containing this project

README