Python bindings for https://github.com/omerbenamram/evtx

Project description

pyevtx-rs

Python bindings for https://github.com/omerbenamram/evtx/.

Installation

Available on PyPI - https://pypi.org/project/evtx/.

To install from PyPI - pip install evtx

Wheels

Wheels are currently built automatically for Python 3.7+ using the abi3 tag (which means they are compatible with all versions from 3.7 onwards).

Supported platforms are:

  • Linux x86_64
  • macOS x86_64
  • macOS arm64 (m1)
  • Windows x86_64

Installation from sources

Installation is possible for other platforms by installing from sources.

This requires a Rust compiler and a recent enough Setuptools and Pip.

Run pip install -e .

Usage

The API surface is currently fairly limited (only yields events as XML/JSON documents), but is planned to be expanded in the future.

This will print each record as an XML string.

from evtx import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    # Each record is a dict; 'data' holds the event rendered as an XML string.
    for record in parser.records():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()

And this will print each record as a JSON string.

from evtx import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    # Same record dict as above, but 'data' is a JSON string.
    for record in parser.records_json():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()

File-like objects are also supported.

from evtx import PyEvtxParser


def main():
    # The file must be opened in binary mode; io.BytesIO is also supported.
    with open("./samples/Security_short_selected.evtx", 'rb') as a:
        parser = PyEvtxParser(a)
        for record in parser.records_json():
            print(f'Event Record ID: {record["event_record_id"]}')
            print(f'Event Timestamp: {record["timestamp"]}')
            print(record['data'])
            print('------------------------------------------')


if __name__ == "__main__":
    main()
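Going one step past printing, the following added example (not code from the pyevtx-rs project) decodes the JSON in each record's data field and counts failed logons (event 4625) per user and source address. The sample records are constructed, and the Event/System/EventData layout, including the EventID form with "#text" and "#attributes", is an assumption about the JSON the parser emits; failed_logons_in_file is a hypothetical helper name.

```python
import json
from collections import Counter


def _rec(n, system, event_data=None):
    """Build a constructed record in the shape records_json() yields."""
    return {"event_record_id": n, "timestamp": "2024-01-01 10:00:00.000000 UTC",
            "data": json.dumps({"Event": {"System": system, "EventData": event_data}})}


# Constructed sample input, not real log data.
ALICE = {"TargetUserName": "alice", "IpAddress": "198.51.100.7"}
BOB = {"TargetUserName": "bob", "IpAddress": "203.0.113.9"}
SAMPLE_RECORDS = [
    _rec(1, {"EventID": 4625}, ALICE),
    _rec(2, {"EventID": 4625}, ALICE),
    _rec(3, {"EventID": 4624}, ALICE),  # successful logon, ignored
    _rec(4, {"EventID": {"#attributes": {"Qualifiers": 16384}, "#text": 7036}}),
    _rec(5, {"EventID": 4625}, BOB),
    dict(_rec(6, {}), data='{"Event": '),  # truncated JSON
]


def event_id(system):
    """EventID is a bare int, or a dict with '#text' when it carries attributes."""
    eid = system.get("EventID")
    return int(eid["#text"] if isinstance(eid, dict) else eid)


def failed_logons(records):
    """Count event 4625 (failed logon) per (user, source IP)."""
    counts, skipped = Counter(), 0
    for record in records:
        try:
            event = json.loads(record["data"])["Event"]
            eid = event_id(event["System"])
        except (KeyError, TypeError, ValueError, AttributeError):
            skipped += 1  # malformed record: keep going, but report it
            continue
        if eid == 4625:
            data = event.get("EventData") or {}  # EventData may be null
            counts[(data.get("TargetUserName"), data.get("IpAddress"))] += 1
    return counts, skipped


def failed_logons_in_file(path):
    from evtx import PyEvtxParser  # imported here so the sample runs without evtx
    return failed_logons(PyEvtxParser(path).records_json())
```

The skipped count is returned rather than discarded so that a log with many undecodable records is visible to the analyst instead of silently shrinking the result.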

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release. See tutorial on generating distribution archives.

Built Distributions

evtx-0.8.8-cp37-abi3-win_amd64.whl (736.3 kB)

Uploaded CPython 3.7+ Windows x86-64

evtx-0.8.8-cp37-abi3-musllinux_1_2_x86_64.whl (857.6 kB)

Uploaded CPython 3.7+ musllinux: musl 1.2+ x86-64

evtx-0.8.8-cp37-abi3-musllinux_1_2_aarch64.whl (828.7 kB)

Uploaded CPython 3.7+ musllinux: musl 1.2+ ARM64

evtx-0.8.8-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (950.3 kB)

Uploaded CPython 3.7+ manylinux: glibc 2.17+ x86-64

evtx-0.8.8-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (832.0 kB)

Uploaded CPython 3.7+ manylinux: glibc 2.17+ ARM64

evtx-0.8.8-cp37-abi3-macosx_11_0_arm64.whl (885.9 kB)

Uploaded CPython 3.7+ macOS 11.0+ ARM64

evtx-0.8.8-cp37-abi3-macosx_10_12_x86_64.whl (874.7 kB)

Uploaded CPython 3.7+ macOS 10.12+ x86-64

File details

Details for the file evtx-0.8.8-cp37-abi3-win_amd64.whl.

File metadata

  • Download URL: evtx-0.8.8-cp37-abi3-win_amd64.whl
  • Upload date:
  • Size: 736.3 kB
  • Tags: CPython 3.7+, Windows x86-64
  • Uploaded using Trusted Publishing? No
  • Uploaded via: maturin/1.7.4

