Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Although ConsumeWindowsEventLog and ParseEvtx can take Windows Event Logs as input and output XML, the XML format (especially the EventData contents) can be cumbersome to use with XMLRecordReader.
This case proposes a new RecordReader that can specifically take the output from ConsumeWindowsEventLog/ParseEvtx and read it in a more record-friendly format, such as transforming the <Data> tags into "first-class" fields in the output record.
Attachments
Issue Links
- links to
