#LogParserStudio4IR Log Parser Studio is a great tool for searching Microsoft Event View Logs. Adding custom queries created during Incident Response cases Download Log Parser Studio from Microsoft https://gallery.technet.microsoft.com/office/Log-Parser-Studio-cd458765