# Windows : No Event Logs

Following Tools have the capability to fetch the associated logs 

* PS Read Line (to fetch PS commands)
* Prefetch (from Cache : executed executables)
* Shimcache
* USN Journal (use velociraptor)