Microsoft Logparser Query Files
GitHub: https://github.com/nettitude/logparser
Easy analysis of Sysmon log files
We have created a set of Log Parser queries for Sysmon log files, one for each of the event types that Sysmon records (15 different events at the time of writing). You can download these queries from Nettitude's GitHub account. Log Parser Studio opens each query in a separate tab, so you can switch between tabs according to your investigative needs.
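As an added example of what one of these per-event query files looks like (this is illustrative code, not one of the queries from the Nettitude repository), the following Log Parser SQL lists Sysmon Process Create events (Event ID 1). It assumes the Sysmon channel has been exported to `C:\Logs\sysmon.evtx`, and that the pipe-delimited `Strings` field follows the Sysmon v6 event-data order; later Sysmon versions prepend a `RuleName` field, which shifts every token index by one, so check the schema of the Sysmon build that produced the log before trusting the column names.

```sql
-- Added example, not part of Nettitude's query set.
-- Assumes Log Parser 2.2 with the EVT input format (-i:EVT), where the event
-- data is exposed as a '|'-separated string in the Strings field.
-- Assumed Sysmon v6 Event ID 1 token order (0-based):
--   0 UtcTime, 1 ProcessGuid, 2 ProcessId, 3 Image, 4 CommandLine,
--   5 CurrentDirectory, 6 User, 7 LogonGuid, 8 LogonId, 9 TerminalSessionId,
--   10 IntegrityLevel, 11 Hashes, 12 ParentProcessGuid, 13 ParentProcessId,
--   14 ParentImage, 15 ParentCommandLine
-- Sysmon builds that add RuleName at position 0 shift all indices by one.
SELECT TimeGenerated,
       ComputerName,
       EXTRACT_TOKEN(Strings, 3, '|')  AS Image,
       EXTRACT_TOKEN(Strings, 4, '|')  AS CommandLine,
       EXTRACT_TOKEN(Strings, 6, '|')  AS User,
       EXTRACT_TOKEN(Strings, 10, '|') AS IntegrityLevel,
       EXTRACT_TOKEN(Strings, 14, '|') AS ParentImage
FROM 'C:\Logs\sysmon.evtx'
WHERE SourceName = 'Microsoft-Windows-Sysmon'
  AND EventID = 1
ORDER BY TimeGenerated DESC
```

Saved as a `.sql` file, the query can be opened as a tab in Log Parser Studio, or run from the command line with `LogParser.exe -i:EVT -o:DATAGRID file:sysmon-process-create.sql` (use `-o:CSV` to write the results to a file instead). Because `EXTRACT_TOKEN` on `Strings` is positional, a query that silently returns the wrong column for a different Sysmon version is the main failure mode to watch for; a quick sanity check is to confirm that the `Image` column actually contains executable paths.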
![Sample LogParser SQL query](https://i0.wp.com/labs.nettitude.com/wp-content/uploads/2017/03/3-Sample-LogParser-SQL-query-e1489060031792.png?resize=636%2C375&ssl=1)
Sample LogParser SQL query
[Download Microsoft Logparser Query Files](https://github.com/nettitude/logparser)
We will update the queries as Sysmon adds new event types.