Perl Scripting for Windows Security: Live Response, Forensic Analysis, and Monitoring

Final Touches

Perl is an extremely useful and powerful tool for performing computer forensic analysis. While there are applications available that let an examiner access acquired images and perform some modicum of visualization, there are relatively few tools that meet the specific needs of a specific examiner working on a specific case. This is where the use of Perl really shines. For example, I received a request from another examiner not long ago, asking for some assistance in parsing a Windows Event Log file. I provided a copy of evt2xls.pl, and the examiner ran into issues with having far too many records in the resulting spreadsheet file for MS Excel to open. I made some quick changes to the script and resent it; this led to a rather quick resolution of the issue, whereas prior to that, the examiner's ability to open the Event Log file and retrieve the necessary information was non-existent.
