Pure Python parser for recent Windows event log files (.evtx).
Maintainers
Project description
python-evtx is a pure Python parser for Windows Event Log files (those with the file extension “.evtx”). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation “Parse-Evtx”.
Release history Release notifications
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
| Filename, size & hash SHA256 hash help | File type | Python version | Upload date |
|---|---|---|---|
| python_evtx-0.6.1-py2-none-any.whl (31.9 kB) Copy SHA256 hash SHA256 | Wheel | py2 | Jul 17, 2017 |
| python_evtx-0.6.1-py3-none-any.whl (31.9 kB) Copy SHA256 hash SHA256 | Wheel | py3 | Jul 17, 2017 |
| python-evtx-0.6.1.zip (32.1 kB) Copy SHA256 hash SHA256 | Source | None | Jul 17, 2017 |
