Pure Python parser for recent Windows event log files (.evtx).

Navigation

Project links

Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache 2.0 License

Author: Willi Ballenthin

Maintainers

Avatar for williballenthin from gravatar.com williballenthin

Project description

python-evtx is a pure Python parser for Windows Event Log files (those with the file extension “.evtx”). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation “Parse-Evtx”.

Project details

Project links

Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache 2.0 License

Author: Willi Ballenthin

Maintainers

Avatar for williballenthin from gravatar.com williballenthin

Release history Release notifications | RSS feed

0.7.4

0.7.2

This version

0.6.1

0.6.0

0.5.3

0.5.2

0.5.1

0.5.0

0.3.2

0.3.1

0.3.0

0.2.4

0.2.3

0.2.2

0.2

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

python-evtx-0.6.1.zip (32.1 kB view hashes)

Uploaded source

Built Distributions

python_evtx-0.6.1-py3-none-any.whl (31.9 kB view hashes)

Uploaded py3

python_evtx-0.6.1-py2-none-any.whl (31.9 kB view hashes)

Uploaded py2

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page