Pure Python parser for recent Windows event log files (.evtx).

Navigation

Project links

Statistics

View statistics for this project via Libraries.io, or by using Google BigQuery

Meta

License: Apache 2.0 License

Author: Willi Ballenthin

Maintainers

Avatar for williballenthin from gravatar.com williballenthin

Project description

python-evtx is a pure Python parser for Windows Event Log files (those with the file extension “.evtx”). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation “Parse-Evtx”.

Project details

Project links

Statistics

View statistics for this project via Libraries.io, or by using Google BigQuery

Meta

License: Apache 2.0 License

Author: Willi Ballenthin

Maintainers

Avatar for williballenthin from gravatar.com williballenthin

Release history Release notifications

This version

0.6.1

0.6.0

0.5.3

0.5.2

0.5.1

0.5.0

0.3.2

0.3.1

0.3.0

0.2.4

0.2.3

0.2.2

0.2

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for python-evtx, version 0.6.1
Filename, size & hash File type Python version Upload date
python_evtx-0.6.1-py2-none-any.whl (31.9 kB) View hashes Wheel py2
python_evtx-0.6.1-py3-none-any.whl (31.9 kB) View hashes Wheel py3
python-evtx-0.6.1.zip (32.1 kB) View hashes Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page