evtx

Name: evtx
Version: 0.8.9
Summary: Python bindings for https://github.com/omerbenamram/evtx
Upload time: 2025-02-21 20:56:52
Author: Omer Ben-Amram <omerbenamram@gmail.com>
Requires Python: >=3.7
License: MIT/Apache-2.0
Requirements: No requirements were recorded.


# pyevtx-rs

Python bindings for `https://github.com/omerbenamram/evtx/`.

## Installation

Available on PyPI: https://pypi.org/project/evtx/.

To install from PyPI, run `pip install evtx`.

### Wheels

Wheels are currently built automatically for Python 3.7+ using the abi3 tag (which means they are compatible with all versions from 3.7 onwards).

Supported platforms are:
  - Linux x86_64
  - macOS x86_64
  - macOS arm64 (m1)
  - Windows x86_64

### Installation from sources

Installation is possible for other platforms by installing from sources.

This requires a Rust compiler and a recent enough Setuptools and Pip.

Run `pip install -e .`

## Usage

The API surface is currently fairly limited (only yields events as XML/JSON documents), but is planned to be expanded in the future.


This will print each record as an XML string.

```python
from evtx import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    # Each record is a dict; 'data' holds the event as an XML string.
    for record in parser.records():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()
```


And this will print each record as a JSON string.

```python
from evtx.parser import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    # Each record is a dict; 'data' holds the event as a JSON string.
    for record in parser.records_json():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()
```

File-like objects are also supported.

```python
from evtx.parser import PyEvtxParser


def main():
    # Any binary file-like object works; io.BytesIO is also supported.
    with open("./samples/Security_short_selected.evtx", 'rb') as a:
        parser = PyEvtxParser(a)
        for record in parser.records_json():
            print(f'Event Record ID: {record["event_record_id"]}')
            print(f'Event Timestamp: {record["timestamp"]}')
            print(record['data'])
            print('------------------------------------------')


if __name__ == "__main__":
    main()
```
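
Going one step past printing, the following added example (not part of the project's README) parses the `data` string from `records_json()` and counts failed logons (Security event 4625) per account and source address. The function names and the sample records are constructed here, and the JSON layout (`Event` → `System`/`EventData`, with `EventID` either bare or wrapped in `#text`) is an assumption about the output format.

```python
import json
from collections import Counter


def event_id(event):
    """Numeric EventID; assumed to be either a bare value or
    {"#attributes": {...}, "#text": id} when the element has attributes."""
    raw = event.get("System", {}).get("EventID")
    if isinstance(raw, dict):
        raw = raw.get("#text")
    return int(raw) if raw is not None else None


def failed_logons(records):
    """Count Security 4625 (failed logon) events per (user, source IP)."""
    counts = Counter()
    for record in records:
        try:
            event = json.loads(record["data"])["Event"]
            eid = event_id(event)
        except (KeyError, TypeError, ValueError, AttributeError):
            continue  # data is not the expected JSON document; skip it
        if eid != 4625:
            continue
        data = event.get("EventData") or {}
        counts[(data.get("TargetUserName"), data.get("IpAddress"))] += 1
    return counts


def failed_logons_in_file(path):
    # Lazy import: the analysis above also runs without the evtx wheel.
    from evtx import PyEvtxParser
    return failed_logons(PyEvtxParser(path).records_json())


def _rec(n, eid, user="alice", ip="192.0.2.10"):
    # Constructed record in the dict shape the README examples index into.
    body = {"Event": {"System": {"EventID": eid},
                      "EventData": {"TargetUserName": user, "IpAddress": ip}}}
    return {"event_record_id": n, "timestamp": "2025-01-01 10:00:00 UTC",
            "data": json.dumps(body)}


SAMPLE = [  # constructed sample input, not taken from a real log
    _rec(1, 4625),
    _rec(2, {"#attributes": {"Qualifiers": 0}, "#text": 4625}),
    _rec(3, 4624),
    _rec(4, 4625, user="bob", ip="198.51.100.7"),
    {"event_record_id": 5, "timestamp": "", "data": "not json"},
]
```

Call `failed_logons_in_file("./samples/Security_short_selected.evtx")` to run the same count over a real log once the package is installed.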


            
