python programming

How to use Partition%4DiagnosticParser

Published Date: December 7, 2020

In this post, Dimitrios presents how someone can use his Partition%4DiagnosticParser, in order to automatically extract all the available VSNs that reside in "Microsoft-Windows-Partition%4Diagnostic.evtx".

Are you sure you extract all the available Volume Serial Numbers (VSNs) that reside in the Windows 10 Event Log “Microsoft-Windows-Partition%4Diagnostic.evtx”?

Published Date: December 2, 2020

This time we shall see, how we can utilize windows' event logs in order to locate the VSN of a desired removable device and determine if it changes and when.