NAME
grokevt-findlogs - Attempts to find log file fragments in raw binary files, such as memory
dumps and disk images.
SYNOPSIS
grokevt-findlogs -?
grokevt-findlogs [-v] [-h] [-H] [-o offset] raw-file
DESCRIPTION
grokevt-findlogs searches a raw binary file for event log records. It produces
a simple comma-separated values (CSV) output to stdout which includes metadata and offsets
of any hits. Using the metadata and offset/contiguity information, it should be easy to
determine if the hits are false positives or not.
ARGUMENTS
raw-file
The binary file to be searched.
OPTIONS
-? Prints a basic usage statement.
-v Verbose mode. Prints status messages to stderr, which can be helpful for debugging.
(Currently does nothing.)
-h Prints a header row at the top of the CSV output containing labels for each column.
(This is the default behavior.)
-H Disables the printing of a header row. This is useful when grokevt-findlogs is used
in a script.
-o offset
Begin search at this byte offset within the binary file.
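As an added illustration of the kind of search described above (example code written for this page, not grokevt's own implementation), the following Python carver locates Windows NT-era .evt EVENTLOGRECORD headers by their "LfLe" magic in a constructed byte string and emits CSV with offsets and metadata. The CSV column names, the `start` parameter (standing in for -o) and the leading/trailing-length contiguity check used to flag likely false positives are this example's own assumptions.

```python
import csv
import io
import struct

# Added illustration: the Windows NT/2000/XP .evt record header (EVENTLOGRECORD)
# starts with a DWORD length, then the magic "LfLe", and the record ends with the
# same DWORD length. A carver can locate the magic, then use the leading/trailing
# lengths to judge whether a hit is an intact record or a fragment/false positive.
EVT_MAGIC = b"LfLe"
HEADER_FMT = "<IIIIIIHHHHIIIIII"          # 56-byte fixed header
HEADER_LEN = struct.calcsize(HEADER_FMT)

def find_evt_records(data, start=0):
    """Yield (offset, length, record_number, time_generated, event_id, contiguous)
    for each "LfLe" hit at or after byte offset `start` (cf. the -o option)."""
    pos = data.find(EVT_MAGIC, start + 4)
    while pos != -1:
        off = pos - 4                      # header begins 4 bytes before the magic
        if off + HEADER_LEN <= len(data):
            length, _, recnum, tgen, _, event_id = struct.unpack_from(HEADER_FMT, data, off)[:6]
            contiguous = False
            # A real record is >= header + trailing length, DWORD-aligned and fits in the file
            if HEADER_LEN + 4 <= length <= len(data) - off and length % 4 == 0:
                trailing = struct.unpack_from("<I", data, off + length - 4)[0]
                contiguous = trailing == length
            yield (off, length, recnum, tgen, event_id & 0xFFFF, contiguous)
        pos = data.find(EVT_MAGIC, pos + 1)

def records_to_csv(data, header=True, start=0):
    """CSV text of all hits; column names are this example's own (-h/-H analogue)."""
    out = io.StringIO()
    w = csv.writer(out)
    if header:
        w.writerow(["offset", "length", "record_number", "time_generated", "event_id", "contiguous"])
    w.writerows(find_evt_records(data, start))
    return out.getvalue()

def build_record(recnum, tgen, event_id, payload=b""):
    """Construct a minimal, well-formed EVENTLOGRECORD for test input."""
    body = HEADER_LEN + len(payload) + 4
    length = body + (-body) % 4
    hdr = struct.pack(HEADER_FMT, length, 0x654C664C, recnum, tgen, tgen, event_id,
                      4, 0, 0, 0, 0, HEADER_LEN, 0, HEADER_LEN, len(payload), HEADER_LEN)
    return hdr + payload + b"\0" * (length - body) + struct.pack("<I", length)

# Constructed "disk image": junk, an intact record, a stray magic, another record.
SAMPLE = (b"\xff" * 13 + build_record(7, 1136073600, 528)
          + b"noise LfLe noise" + build_record(8, 1136073660, 529, b"x" * 5))
```

Running `records_to_csv(SAMPLE)` reports three hits; the stray "LfLe" inside the noise shows up with an implausible length and `contiguous` False, which is the kind of metadata/contiguity evidence the man page suggests using to discard false positives.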