using im_msvistalog to read fron .evtx files directly

View thread

okamalo 8 years ago

I am trying out the enterprise edition, and could not find documentation for reading event logs directly from .evtx file only, can anyone help in a sample config.