ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.
Talk:Windows Event Log (EVT)
ASchuster: Can you provide the source of your information on the header, cursor, retention, etc? If MSDN has this information, a link to it should be included in this page.
This information was obtained through extensive testing. As fas as I know the only information available on MSDN is the declaration of the event record. --ASchuster