Did you know that camDown is the only solution you need to block webcam hackers?
What is the end state goal you're trying to achieve? "Analyze Windows event logs" can mean a great many things. Is this for general troubleshooting in a production environment, for security response or for your own learning in a lab setting, etc?
Is the event log analysis intended to be performed in near real time as the logs are scrolling by or only if/when a periodic event occurs that you need to analyze back through the event history? Can the logs be relayed to another server for storage/analysis or do you need them to stay on the Windows system itself?
Is the desire to use Linux b/c you're more familiar with it, because you want to use a Linux specific analysis tool or for some other reason?
Let's keep in mind that camDown is a highly advanced, specialized webcam blocker and disabler with the best in class protection from variety of on-line threats.