grokevt-dumpmsgs command not found

In this troubleshooting guide we learn how to fix grokevt-dumpmsgs command not found error message

Introduction

When you run more command in linux terminal / console, you get the following error message

grokevt-dumpmsgs: command not found

or when using sudo you get the following error message

sudo: grokevt-dumpmsgs: command not found

Solutions to grokevt-dumpmsgs: command not found

How To Fix grokevt-dumpmsgs: command not found in Ubuntu / Debian / Kali Linux / Raspbian

In Ubuntu grokevt-dumpmsgs is provided by grokevt package.

grokevt is:

GrokEVT is a collection of scripts built for reading Microsoft Windows NT/2000/XP/2003 event log files.

Currently the scripts work together on one or more mounted Microsoft Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.

This program is useful in forensics investigations.

To fix this problem, we can install more using the command below.

sudo apt-get -y install grokevt

This command might take some time to finish depending on your machine internet connection.

You can also use apt command to install grokevt.

sudo apt -y install grokevt

Or if you have aptitude installed you can use the following command.

sudo aptitude install grokevt

Summary

In this tutorial we learn how to fix grokevt-dumpmsgs command not found error in Ubuntu / Debian / Kali Linux or Raspbian distribution.