acquiredsecurity/EvtxECMD-RSO-to-DataSet
Use this script to download and run EvtxECmd on a Windows endpoint (using SentinelOne Remote Script Orchestration (RSO)), parse all event logs to CSV and JSON, and ship the results to DataSet.
PowerShell