pyevtx-rs

Python bindings for https://github.com/omerbenamram/evtx/.

Installation

Available on PyPI: https://pypi.org/project/evtx/.

To install from PyPI, run pip install evtx

Wheels

Wheels are currently built automatically for Python 3.7+ using the abi3 tag (which means they are compatible with all versions from 3.7 onwards).

Supported platforms are:

  • Linux x86_64
  • macOS x86_64
  • macOS arm64 (m1)
  • Windows x86_64

Installation from sources

Installation is possible for other platforms by installing from sources.

This requires a Rust compiler and a recent enough Setuptools and Pip.

Run pip install -e .

Usage

The API surface is currently fairly limited (only yields events as XML/JSON documents), but is planned to be expanded in the future.

This will print each record as an XML string.

from evtx import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    # records() yields one mapping per event; 'data' holds the event as an XML string.
    for record in parser.records():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()

And this will print each record as a JSON string.

from evtx.parser import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    # records_json() yields the same fields; 'data' holds the event as a JSON string.
    for record in parser.records_json():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()

File-like objects are also supported.

from evtx.parser import PyEvtxParser


def main():
    # Open in binary mode and close the handle when parsing is done.
    # io.BytesIO is also supported.
    with open("./samples/Security_short_selected.evtx", 'rb') as a:
        parser = PyEvtxParser(a)
        for record in parser.records_json():
            print(f'Event Record ID: {record["event_record_id"]}')
            print(f'Event Timestamp: {record["timestamp"]}')
            print(record['data'])
            print('------------------------------------------')


if __name__ == "__main__":
    main()
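The records yielded by records_json() can feed a triage pass directly. The following is an added example, not code from the pyevtx-rs project: it counts failed logons (event ID 4625) and flags audit-log clears (event ID 1102). The sample records are constructed, and the Event/System/EventData layout of the JSON in 'data', including EventID appearing either as a bare number or as an object with a "#text" member, is an assumption about the output shape.

```python
import json
from collections import Counter


def _rec(rid, event):
    """Build a constructed record shaped like one yielded by records_json()."""
    return {"event_record_id": rid, "timestamp": "2024-01-01 10:00:00.000000 UTC",
            "data": event if isinstance(event, str) else json.dumps({"Event": event})}


# Constructed sample input (not taken from a real log).
SAMPLE_RECORDS = [
    _rec(101, {"System": {"EventID": 4625}, "EventData": {"TargetUserName": "alice"}}),
    _rec(102, {"System": {"EventID": {"#attributes": {"Qualifiers": 0}, "#text": 4625}},
               "EventData": {"TargetUserName": "alice"}}),
    _rec(103, {"System": {"EventID": 4624}, "EventData": {"TargetUserName": "bob"}}),
    _rec(104, {"System": {"EventID": 1102}}),  # no EventData section
    _rec(105, "not json"),                     # damaged record
]

WATCHED = {4625: "failed logon", 1102: "audit log cleared"}


def event_id(system):
    """Return EventID as int; it may be a bare value or {'#text': value}."""
    raw = system.get("EventID")
    if isinstance(raw, dict):
        raw = raw.get("#text")
    try:
        return int(raw)
    except (TypeError, ValueError):
        return None


def triage(records):
    """Return (hits, failed logons per user) for the watched event IDs."""
    hits, failed = [], Counter()
    for record in records:
        try:
            event = json.loads(record["data"])["Event"]
        except (ValueError, KeyError, TypeError):
            continue  # skip records whose data is not the expected JSON
        eid = event_id(event.get("System") or {})
        if eid in WATCHED:
            hits.append((record["event_record_id"], eid, WATCHED[eid]))
        if eid == 4625:
            failed[(event.get("EventData") or {}).get("TargetUserName", "?")] += 1
    return hits, failed
```

With the package installed, the same function accepts the parser's iterator: triage(PyEvtxParser("./samples/Security_short_selected.evtx").records_json()).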

Download files

Source Distributions

No source distribution files available for this release.

Built Distributions

  • evtx-0.8.9-cp37-abi3-win_amd64.whl (745.9 kB): CPython 3.7+, Windows x86-64
  • evtx-0.8.9-cp37-abi3-musllinux_1_2_x86_64.whl (870.6 kB): CPython 3.7+, musllinux: musl 1.2+ x86-64
  • evtx-0.8.9-cp37-abi3-musllinux_1_2_aarch64.whl (839.6 kB): CPython 3.7+, musllinux: musl 1.2+ ARM64
  • evtx-0.8.9-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (964.3 kB): CPython 3.7+, manylinux: glibc 2.17+ x86-64
  • evtx-0.8.9-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (843.2 kB): CPython 3.7+, manylinux: glibc 2.17+ ARM64
  • evtx-0.8.9-cp37-abi3-macosx_11_0_arm64.whl (884.1 kB): CPython 3.7+, macOS 11.0+ ARM64
  • evtx-0.8.9-cp37-abi3-macosx_10_12_x86_64.whl (889.7 kB): CPython 3.7+, macOS 10.12+ x86-64

File details

Details for the file evtx-0.8.9-cp37-abi3-win_amd64.whl.

File metadata

  • Download URL: evtx-0.8.9-cp37-abi3-win_amd64.whl
  • Upload date:
  • Size: 745.9 kB
  • Tags: CPython 3.7+, Windows x86-64
  • Uploaded using Trusted Publishing? No
  • Uploaded via: maturin/1.8.2
