meta data for this page
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| soc:irt:windows:start [2026/06/11 14:50] – created titannet | soc:irt:windows:start [2026/06/11 15:03] (current) – titannet | ||
|---|---|---|---|
| Line 8: | Line 8: | ||
| * Create json from windows event logs | * Create json from windows event logs | ||
| * Filter -> Analyse in visidata | * Filter -> Analyse in visidata | ||
| + | |||
| + | <code bash> | ||
| + | # in folder with evtx | ||
| + | # --user 1001:1001 | ||
| + | docker run -rm -it -v ./:/data -v ./ | ||
| + | |||
| + | |||
| + | vd ~.json | ||
| + | # scroll to criticality | ||
| + | strg-f | ||
| + | # | ||
| + | |||
| + | |||
| + | </ | ||