Talk:Windows Event Log (EVT)
From Forensics Wiki
Revision as of 08:59, 15 March 2006 by Mkucenski
ASchuster: Can you provide the source of your information on the header, cursor, retention, etc? I'm not quite clear on how this information is laid out. If MSDN has this information, a link to it should be included in this page.