INENDI EVTX Rewriter

Take advantage of EVTX logs the easy way

Windows event logs are an immense source of information, but they are hard to handle: the same richness that makes them valuable makes them difficult to analyse with conventional tools. When the goal is to uncover facts you did not already know to look for, query engines and dashboards are often an inefficient approach.

Because INENDI Inspector was designed for fast investigation of complex logs, we built a module dedicated to rewriting EVTX logs.

Combining INENDI Inspector and INENDI EVTX Rewriter will make your EVTX experience a completely different story!

Overview

Integration

INENDI EVTX Rewriter runs on a Linux system and parses standard EVTX log files.

It integrates smoothly with INENDI Inspector but can also be used independently to efficiently convert EVTX files into structured CSV text files.

Technical functionalities

  • Intuitive presentation of the event hierarchy (channel, source/provider, EventID and content) with associated statistics (event counts per level)
  • Users can easily create and manage rewriting profiles (selections of events and sub-categories to be extracted, and the fields to emit for them)
  • Native integration with the INENDI Inspector import pipeline
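The conversion and profile mechanism described above, as an added illustrative example that is not INENDI's own code: a handful of Windows event records are constructed inline in the XML form an EVTX record renders to (values are made up), a hypothetical "rewriting profile" selects which EventIDs to keep and which columns to emit, hierarchy statistics are computed over channel, provider and EventID, and the selected events are flattened to CSV. Reading the binary EVTX container itself is not shown.

```python
# Added example, not INENDI code: rewrite rendered Windows event XML to CSV
# under a selection profile, and compute channel/provider/EventID statistics.
import csv
import io
import xml.etree.ElementTree as ET
from collections import Counter

# Namespace used by the <Event> element of rendered Windows event records.
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample records (hosts, users and IPs are made up for the example).
SAMPLE_EVENTS = [
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4624</EventID>
  <TimeCreated SystemTime="2024-01-15T08:00:01.000Z"/><Channel>Security</Channel>
  <Computer>srv01.example.local</Computer></System>
  <EventData><Data Name="TargetUserName">alice</Data><Data Name="LogonType">10</Data>
  <Data Name="IpAddress">10.0.0.5</Data></EventData></Event>""",
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4625</EventID>
  <TimeCreated SystemTime="2024-01-15T08:02:17.000Z"/><Channel>Security</Channel>
  <Computer>srv01.example.local</Computer></System>
  <EventData><Data Name="TargetUserName">bob</Data><Data Name="LogonType">10</Data>
  <Data Name="IpAddress">203.0.113.7</Data><Data Name="Status">0xc000006d</Data></EventData></Event>""",
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4624</EventID>
  <TimeCreated SystemTime="2024-01-15T08:05:40.000Z"/><Channel>Security</Channel>
  <Computer>srv01.example.local</Computer></System>
  <EventData><Data Name="TargetUserName">svc_backup</Data><Data Name="LogonType">3</Data>
  <Data Name="IpAddress">10.0.0.20</Data></EventData></Event>""",
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Service Control Manager"/><EventID>7045</EventID>
  <TimeCreated SystemTime="2024-01-15T08:06:03.000Z"/><Channel>System</Channel>
  <Computer>srv01.example.local</Computer></System>
  <EventData><Data Name="ServiceName">UpdaterSvc</Data>
  <Data Name="ImagePath">C:\Windows\Temp\upd.exe</Data></EventData></Event>""",
]

# Hypothetical rewriting profile: the EventIDs to extract and the CSV columns to emit.
LOGON_PROFILE = {
    "event_ids": {"4624", "4625"},
    "columns": ["TimeCreated", "Computer", "Channel", "EventID",
                "TargetUserName", "LogonType", "IpAddress"],
}


def parse_event(xml_text):
    """Flatten one rendered event into a dict: System fields plus each EventData <Data>."""
    root = ET.fromstring(xml_text)
    system = root.find("e:System", NS)
    rec = {
        "Channel": system.findtext("e:Channel", default="", namespaces=NS),
        "Provider": system.find("e:Provider", NS).get("Name", ""),
        "EventID": system.findtext("e:EventID", default="", namespaces=NS),
        "TimeCreated": system.find("e:TimeCreated", NS).get("SystemTime", ""),
        "Computer": system.findtext("e:Computer", default="", namespaces=NS),
    }
    event_data = root.find("e:EventData", NS)
    if event_data is not None:
        for i, data in enumerate(event_data.findall("e:Data", NS)):
            # Some providers emit unnamed <Data> elements; give them positional names.
            rec[data.get("Name") or f"Data{i}"] = data.text or ""
    return rec


def parse_records(xml_events):
    return [parse_event(x) for x in xml_events]


def hierarchy_stats(records):
    """Event counts per (Channel, Provider, EventID), i.e. the hierarchy with statistics."""
    return Counter((r["Channel"], r["Provider"], r["EventID"]) for r in records)


def rewrite_to_csv(records, profile):
    """Keep only the profile's EventIDs and write the profile's columns as CSV text."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=profile["columns"],
                            extrasaction="ignore", restval="")
    writer.writeheader()
    for r in records:
        if r["EventID"] in profile["event_ids"]:
            writer.writerow(r)
    return buf.getvalue()


if __name__ == "__main__":
    recs = parse_records(SAMPLE_EVENTS)
    for (channel, provider, event_id), n in sorted(hierarchy_stats(recs).items()):
        print(f"{channel} / {provider} / {event_id}: {n}")
    print(rewrite_to_csv(recs, LOGON_PROFILE))
```

Columns absent from a given record (the 4625 `Status` field is not in the profile, and 4624 records have no `Status`) are handled by `extrasaction="ignore"` and `restval=""`, so every row has the same shape, which is what a downstream import pipeline needs. In practice the XML input would come from a library that renders the binary EVTX records (python-evtx is one such library; the rest of this example is independent of it).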

Benefits

  • Improves the security oversight of Windows machines
  • Allows in-depth analysis of EVTX logs
  • Makes EVTX logs easier to work with
  • Speeds up the response when a Windows server is compromised