pyevtx-rs

Python bindings for https://github.com/omerbenamram/evtx/.

Installation

Available on PyPI: https://pypi.org/project/evtx/.

To install from PyPI, run pip install evtx

Wheels

Wheels are currently built automatically for Python 3.6 and Python 3.7 on all 64-bit platforms (Windows, macOS, and manylinux).

Installation from sources

Other platforms can install from sources; this requires a nightly Rust compiler and setuptools-rust.

Run python setup.py install

Usage

The API surface is currently fairly limited (only yields events as XML/JSON documents), but is planned to be expanded in the future.

This will print each record as an XML string.

from evtx import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    # Each record is a dict; record['data'] holds the event as an XML string.
    for record in parser.records():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()

And this will print each record as a JSON string.

from evtx.parser import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    # Each record is a dict; record['data'] holds the event as a JSON string.
    for record in parser.records_json():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()

File-like objects are also supported.

from evtx.parser import PyEvtxParser


def main():
    # Open in binary mode; the with-block closes the file when parsing is done.
    with open("./samples/Security_short_selected.evtx", 'rb') as a:
        # io.BytesIO is also supported.
        parser = PyEvtxParser(a)
        for record in parser.records_json():
            print(f'Event Record ID: {record["event_record_id"]}')
            print(f'Event Timestamp: {record["timestamp"]}')
            print(record['data'])
            print('------------------------------------------')


if __name__ == "__main__":
    main()
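
A triage example built on the records_json() output shown above, added here and not part of the pyevtx-rs project's own code: it counts failed logons (Event ID 4625) per account and reports records whose JSON could not be read. The Event/System/EventData layout inside data, the "#text" form of EventID, the sample records, and all helper names are assumptions.

```python
import json
from collections import Counter

# Constructed records shaped like the dicts records_json() yields. The key
# names come from the README; the layout inside "data" is an assumption.
def _rec(rid, data):
    return {"event_record_id": rid, "timestamp": "2019-03-01 10:00:00 UTC",
            "data": data}

SAMPLE_RECORDS = [
    _rec(1, json.dumps({"Event": {"System": {"EventID": 4625},
                                  "EventData": {"TargetUserName": "alice"}}})),
    # EventID carried as an object because the XML element had attributes.
    _rec(2, json.dumps({"Event": {"System": {"EventID": {
        "#attributes": {"Qualifiers": 0}, "#text": 4625}},
        "EventData": {"TargetUserName": "alice"}}})),
    _rec(3, json.dumps({"Event": {"System": {"EventID": 4624},
                                  "EventData": {"TargetUserName": "bob"}}})),
    _rec(4, '{"Event": {"System"'),  # constructed damaged payload
]

def event_id(event):
    """Return the EventID as an int, or None if it is missing or malformed."""
    raw = event.get("System", {}).get("EventID")
    if isinstance(raw, dict):
        raw = raw.get("#text")
    try:
        return int(raw)
    except (TypeError, ValueError):
        return None

def count_by_user(records, wanted_id=4625):
    """Count events with wanted_id per TargetUserName; list unreadable record IDs."""
    hits, skipped = Counter(), []
    for record in records:
        try:
            event = json.loads(record["data"])["Event"]
        except (ValueError, KeyError, TypeError):
            skipped.append(record["event_record_id"])
            continue
        if event_id(event) == wanted_id:
            fields = event.get("EventData") or {}
            hits[fields.get("TargetUserName", "<unknown>")] += 1
    return hits, skipped

def scan_file(path, wanted_id=4625):
    from evtx import PyEvtxParser  # lazy import: the sample run needs no .evtx file
    return count_by_user(PyEvtxParser(path).records_json(), wanted_id)
```

Call count_by_user(SAMPLE_RECORDS) to run it on the constructed data, or scan_file() with the path to a Security log.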

Download files

Source Distributions

No source distribution files available for this release.

Built Distributions

  • evtx-0.6.9-cp38-none-win_amd64.whl (691.4 kB): CPython 3.8, Windows x86-64
  • evtx-0.6.9-cp38-cp38-manylinux1_x86_64.whl (756.6 kB): CPython 3.8
  • evtx-0.6.9-cp38-cp38-macosx_10_7_x86_64.whl (689.1 kB): CPython 3.8, macOS 10.7+ x86-64
  • evtx-0.6.9-cp37-cp37m-manylinux1_x86_64.whl (756.6 kB): CPython 3.7m
  • evtx-0.6.9-cp37-cp37m-macosx_10_7_x86_64.whl (689.1 kB): CPython 3.7m, macOS 10.7+ x86-64
  • evtx-0.6.9-cp36-cp36m-manylinux1_x86_64.whl (756.9 kB): CPython 3.6m
  • evtx-0.6.9-cp36-cp36m-macosx_10_7_x86_64.whl (689.5 kB): CPython 3.6m, macOS 10.7+ x86-64
  • evtx-0.6.9-cp35-cp35m-manylinux1_x86_64.whl (756.6 kB): CPython 3.5m
  • evtx-0.6.9-cp35-cp35m-macosx_10_7_x86_64.whl (688.7 kB): CPython 3.5m, macOS 10.7+ x86-64

File details

Details for the file evtx-0.6.9-cp38-none-win_amd64.whl.

File metadata

  • Download URL: evtx-0.6.9-cp38-none-win_amd64.whl
  • Upload date:
  • Size: 691.4 kB
  • Tags: CPython 3.8, Windows x86-64
  • Uploaded using Trusted Publishing? No
  • Uploaded via: maturin/0.8.2
