Etl2Pcap
This script is part of the Windows Forensics Pack.
Supported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
Receives an ETL file and converts it to a PCAP file.
Script Data
| Name | Description |
|---|---|
| Script Type | python3 |
| Tags | |
| Cortex XSOAR Version | 6.0.0 |
Used In
This script is used in the following playbooks and scripts.
- PS-Remote Get Network Traffic
Inputs
| Argument Name | Description |
|---|---|
| EntryID | The file entry ID of the ETL File. |
Outputs
| Path | Description | Type |
|---|---|---|
| EtlToPcap.NewFileName | The output filename. | Unknown |