As mentioned in my post about SystemSherlock Lite, I really love this tool after a few days… The only problem I had is that it can take some time to realize what really happened – you need to read pretty big log files, and you can spend precious time reading through temporary entries or documents and settings and miss one important entry saying that applications copied something to your System32 folder.
I was playing with Sherlock yesterday and I spent a lot of time parsing through log files generated by SystemSherlock. Then I spent 20 minutes writing an automated parser, and I want to share it with you.
Usage is pretty simple – just click on Open log file, select your log file, and output similar to the following should appear:
I don't know what else to add – this utility is pretty simple, but it can save you time. One more note – the log parser can also handle mixed logs (so if you have one log where you store different entries together with log output from SystemSherlock Lite, you can use it and it will only show entries from SystemSherlock Lite).
Any comments, requests? Feel free to post comments…