
GrokEVT – Read Windows NT/2K/XP/2K3 event logs

Events such as valid and invalid logon attempts, as well as events related to resource use (the creating, opening or deleting of files), are very important to Windows forensic investigators. GrokEVT is one such Python implementation that helps you read Windows NT/2K/XP/2K3 event log files.

Since this is an ongoing project, it has been reported to work only on Linux and FreeBSD because, according to the author's tests, those are the only OSes that natively offer case-insensitive filename mounting options. It will also work on Windows; you need software solutions like dd to work with.
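To show what a tool like GrokEVT has to do with a raw .evt file, here is an added Python example (not GrokEVT's own code) that builds a small synthetic NT/2K/XP/2K3 event log in memory and then parses it: it checks the ELF_LOGFILE_HEADER magic, walks the EVENTLOGRECORD structures, decodes the UTF-16LE source, computer and insertion strings, and reports the header's dirty flag, which tells an examiner that the on-disk offsets may lag the records actually present. The two logon records (event IDs 528 and 529, user and host names) are constructed samples, and all function names are ours.

```python
"""Minimal reader for the legacy Windows NT/2K/XP/2K3 .evt format (added example)."""
import struct
from datetime import datetime, timezone

LFLE = b"LfLe"                       # magic in the file header and in every record
HEADER_SIZE = 0x30
HEADER_FMT = "<I4sIIIIIIIIII"        # ELF_LOGFILE_HEADER: 12 fields, 48 bytes
RECORD_FMT = "<I4sIIIIHHHHIIIIII"    # fixed part of EVENTLOGRECORD: 16 fields, 56 bytes
RECORD_SIZE = struct.calcsize(RECORD_FMT)
EVENT_TYPES = {1: "Error", 2: "Warning", 4: "Information",
               8: "Audit Success", 16: "Audit Failure"}


def build_record(number, event_id, event_type, source, computer, strings, when):
    """Serialise one EVENTLOGRECORD (constructed sample: no SID, no binary data)."""
    body = source.encode("utf-16-le") + b"\x00\x00"
    body += computer.encode("utf-16-le") + b"\x00\x00"
    string_offset = RECORD_SIZE + len(body)
    for s in strings:
        body += s.encode("utf-16-le") + b"\x00\x00"
    data_offset = RECORD_SIZE + len(body)
    length = RECORD_SIZE + len(body) + 4          # +4 for the trailing length copy
    pad = (-length) % 4                           # records are DWORD aligned
    length += pad
    fixed = struct.pack(RECORD_FMT, length, LFLE, number, when, when, event_id,
                        event_type, len(strings), 0, 0, 0, string_offset,
                        0, 0, 0, data_offset)
    return fixed + body + b"\x00" * pad + struct.pack("<I", length)


def build_evt(records, max_size=0x10000):
    """Wrap serialised records in a header and the 0x28-byte end-of-file record."""
    body = b"".join(records)
    end_offset = HEADER_SIZE + len(body)
    next_number = len(records) + 1
    eof = struct.pack("<I4I4II", 0x28, 0x11111111, 0x22222222, 0x33333333,
                      0x44444444, HEADER_SIZE, end_offset, next_number, 1, 0x28)
    header = struct.pack(HEADER_FMT, HEADER_SIZE, LFLE, 1, 1, HEADER_SIZE,
                         end_offset, next_number, 1, max_size, 0, 0, HEADER_SIZE)
    return header + body + eof


def read_utf16z(buf, pos):
    """Read a NUL-terminated UTF-16LE string; return (text, position after it)."""
    end = pos
    while end + 1 < len(buf) and buf[end:end + 2] != b"\x00\x00":
        end += 2
    return buf[pos:end].decode("utf-16-le"), end + 2


def parse_record(buf):
    (length, _sig, number, t_gen, _t_written, event_id, etype, nstrings, category,
     _flags, _closing, str_off, sid_len, sid_off, data_len,
     data_off) = struct.unpack_from(RECORD_FMT, buf, 0)
    if struct.unpack_from("<I", buf, length - 4)[0] != length:
        raise ValueError(f"record {number}: trailing length mismatch")
    source, pos = read_utf16z(buf, RECORD_SIZE)
    computer, _ = read_utf16z(buf, pos)
    strings, pos = [], str_off
    for _ in range(nstrings):
        s, pos = read_utf16z(buf, pos)
        strings.append(s)
    return {
        "record_number": number,
        "event_id": event_id & 0xFFFF,           # Event Viewer shows the low 16 bits
        "event_type": EVENT_TYPES.get(etype, f"unknown({etype})"),
        "category": category,
        "time_generated": datetime.fromtimestamp(t_gen, tz=timezone.utc).isoformat(),
        "source": source, "computer": computer, "strings": strings,
        "sid": buf[sid_off:sid_off + sid_len] if sid_len else None,
        "data": buf[data_off:data_off + data_len],
    }


def parse_evt(data):
    """Validate the header and walk records from StartOffset, handling log wrap-around."""
    if len(data) < HEADER_SIZE:
        raise ValueError("file shorter than ELF_LOGFILE_HEADER")
    (hsize, sig, _maj, _min, start, _end, current, oldest, _max, flags,
     _ret, hsize2) = struct.unpack_from(HEADER_FMT, data, 0)
    if hsize != HEADER_SIZE or sig != LFLE or hsize2 != HEADER_SIZE:
        raise ValueError("not a Windows NT/2K/XP/2K3 .evt file")
    dirty = bool(flags & 0x1)   # ELF_LOGFILE_HEADER_DIRTY: header not flushed at shutdown
    records, offset, seen = [], start, set()
    while offset not in seen and offset + 8 <= len(data):
        seen.add(offset)
        length, marker = struct.unpack_from("<I4s", data, offset)
        if marker != LFLE or length < RECORD_SIZE + 4:   # EOF record or corruption
            break
        chunk = data[offset:offset + length]
        if len(chunk) < length:      # circular log: the record continues after the header
            chunk += data[HEADER_SIZE:HEADER_SIZE + length - len(chunk)]
        if len(chunk) < length:
            break                    # truncated file, stop rather than misparse
        records.append(parse_record(chunk))
        offset += length
        if offset >= len(data):
            offset = HEADER_SIZE + (offset - len(data))
    return {"dirty": dirty, "oldest": oldest, "next_record": current, "records": records}


# Constructed sample: one successful (528) and one failed (529) logon, XP/2003 style.
SAMPLE_EVT = build_evt([
    build_record(1, 528, 8, "Security", "WORKSTATION1",
                 ["jdoe", "WORKSTATION1", "(0x0,0x3E7)", "2"], 1_100_000_000),
    build_record(2, 529, 16, "Security", "WORKSTATION1",
                 ["jdoe", "WORKSTATION1", "2"], 1_100_000_060),
])

if __name__ == "__main__":
    for rec in parse_evt(SAMPLE_EVT)["records"]:
        print(rec["time_generated"], rec["source"], rec["event_id"],
              rec["event_type"], rec["strings"])
```

The dirty flag and the wrap-around handling are the two places a quick-and-dirty reader usually goes wrong on evidence taken from a live or crashed system; a log whose header says one thing and whose records say another should be walked record by record, as above, rather than trusted from its header counts.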