Add support for 20240929 winevtrc database format with WEVT_TEMPLATE mapped event identifiers
Opened this issue · 0 comments
joachimmetz commented
Add support for 20240929 winevtrc database format with WEVT_TEMPLATE mapped event identifiers
The 20150315 winevtrc database format does not support Windows Vista EventLog provider identifiers and WEVT_TEMPLATE mapped event identifiers.
- libyal/winevt-kb#18
- #4905
- Change 20240929 to default in winevt-kb - libyal/winevt-kb@e25db3f#diff-1644561905cb1e68d100dd11a97347359d551a9cf7b7c05fd84436c95e6adb8e
- Remove support for 20150315 in Plaso
- Remove support for 20150315 in winevt-kb
- Aftercare consider changing internal Plaso structures to use message_table ?