GitHub

Create Policy From Event Logs

This page in AppControl Manager allows you to create Application Control policies directly from local event logs or EVTX files. It focuses on processing Code Integrity and AppLocker event logs to help ...
IEEE

A Framework for the Generation of Monitor and Plant Model From Event Logs Using Process Mining for Formal Verification of Event-Driven Systems

Abstract: This article proposes a method for the automatic generation of a plant model and monitoring using process mining algorithms based on recorded event logs. The behavioral traces of the system ...
GitHub

EventWhisper — A Windows Event Log MCP

List EVTX files (optionally recursive) for any directory. Filter events to directly search for specific records. Built specifically for IR/DFIR & hunting so you don’t need to look up Event IDs all day ...