Pure Python parser for recent Windows event log files (.evtx).
Project description
python-evtx is a pure Python parser for Windows Event Log files (those with the file extension “.evtx”). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation “Parse-Evtx”.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
python-evtx-0.7.2.tar.gz
(23.9 kB
view details)
Built Distribution
File details
Details for the file python-evtx-0.7.2.tar.gz.
File metadata
- Download URL: python-evtx-0.7.2.tar.gz
- Upload date:
- Size: 23.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.7.0 requests/2.25.1 setuptools/49.2.1 requests-toolbelt/0.9.1 tqdm/4.56.2 CPython/3.9.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a93e6220a5a0f9507d527040832befa9f867a4af04f352ceddb425ba90a5e977 |
|
| MD5 | b67fccdf1f94e03581f506557cc15ac6 |
|
| BLAKE2b-256 | 297e419b9165ac3dbd2c703344f23478aeec438928b9334026415aec4ea61863 |
File details
Details for the file python_evtx-0.7.2-py3-none-any.whl.
File metadata
- Download URL: python_evtx-0.7.2-py3-none-any.whl
- Upload date:
- Size: 35.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.7.0 requests/2.25.1 setuptools/49.2.1 requests-toolbelt/0.9.1 tqdm/4.56.2 CPython/3.9.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c3cc09a48dc73b25e4b62e7ebd08598cb72eab6a40b62a6c91abebe06ed5d5d6 |
|
| MD5 | f8803fc90e3ee8432af25669eccb0a46 |
|
| BLAKE2b-256 | 5b9bcaa417dcef04d94682517076381e2b43c30cee643759bbbee6ddcc578f44 |
