Binary commandline executable to parse ETL files.
ETLs or Event Trace Logs are ETW trace sessions that are stored to disk. Event Tracing for Windows was introduced in Windows 2000 and is still going strong up to Windows 10.
ETL files can contain a snapshot of events related to the state information at a particular time or contain events related to state information over time. http://www.hecfblog.com/2018/06/etw-event-tracing-for-windows-and-etl.html
Category: ETL
Category URL: http://www.dfir.training/component/mtree/forensic-utilities-windows/etl?Itemid=
