Is there any way to use ntevl probe but using a custom path for .evtx logs? People from windows team have several .evtx logs redirected to L:\
Any idea? Any way to customize the directory where ntevl looks for .evtx files? logmon?
Is it possible? Maybe not?
Any comment will be helpful.
Retrieving data ...