This EnCase EnScript was written to parse the Vista/7 'setupapi.dev.log' for USB events. This log contains a lot of information about hardware events, including when USB devices are attached and can be useful to compare to file metadata to see what filesystem activity was also happening at the same time as when USB devices were connected.
Parse the setupapi.dev.log of USBs
Tools
License Type
Free
Tool Type
Small Tool
Developer
Guidance/OpenText
Utilities - Misc
EnScripts
{{#ratings}}
{{#editor}}
{{/editor}}
{{#user}}
{{/user}}
{{/ratings}}
{{#ownerCreatedBlock}}
{{/ownerCreatedBlock}}
{{#category}}
-
{{#owner}}
-
{{#url}}
{{#avatarSrc}}
{{/avatarSrc}} {{^avatarSrc}} {{& avatar}} {{/avatarSrc}} {{name}} {{/url}} {{^url}} {{#avatar}} {{& avatar}} {{/avatar}} {{name}} {{/url}}
- {{/owner}} {{#created}}
- {{created}} {{/created}}
Category: {{category.title}}
{{/category}}
{{#fields}}
{{#showLabel}}
{{/fields}}
{{label}}:
{{/showLabel}}
{{& text}}