windows_event_log_evt = {

  # Label shown in the profile wizard. The format can only be processed after
  # the binary .evt file has been exported to CSV or plain text.
  log.format.format_label = "Windows Event .evt Log Format (SUPPORTED ONLY AFTER CSV OR TEXT EXPORT)"

  log.miscellaneous.log_data_type = "generic"
  log.miscellaneous.log_format_type = "other"

  # Autodetection is filename-based, not content-based: the expression matches
  # whenever the incoming filename ends in ".evt" (case-insensitively), no
  # matter what the file's bytes are. The original author observed one sample
  # starting with "0" followed by a null byte -- consistent with the fixed
  # little-endian header-length field at the start of an EVT header -- so a
  # prefix check on the content would probably have worked as well, but that
  # was not confirmed across all samples. Since this format is rejected below
  # regardless, a false match on the extension only changes which wizard
  # message the user sees; it never causes binary data to be parsed.
  log.format.autodetect_expression = " node_exists('volatile.processing_log_filename') and ends_with(lowercase(volatile.processing_log_filename), '.evt') "

  create_profile_wizard_options = {
    # Displayed instead of a parser: .evt is a binary container and
    # $PRODUCT_NAME reads text only, so the user is pointed at export tools.
    not_supported_message = "This log data appears to be in Windows Event Log .evt Format, which is a binary format not supported directly by $PRODUCT_NAME ($PRODUCT_NAME processes text files, and does not support binary formats). You can still analyze this data with $PRODUCT_NAME, but you will need to export it first, using any of a variety of export options $PRODUCT_NAME supports. Options include the dumpel command, the dumpevt command, awtools, or export from the Event Viewer. You can find these tools, which are mostly free, by searching for these words in an Internet search engine."
  } # create_profile_wizard_options

} # windows_event_log_evt