Rhaegal
Rhaegal is a tool used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect suspicious/malicious logs
EventLogMonitor
EventLogMonitor hooks into Windows Event Logs and displays new events as they are written to the log
You may also like...
Fennec
fennec is an artifact collection tool written in Rust to be used during incident response on *nix based systems
winparsingtools
collection of structs and utilities for parsing windows binary formats.