evtx


- Name: evtx
- Version: 0.8.7
- Summary: Python bindings for https://github.com/omerbenamram/evtx
- Upload time: 2024-11-03 13:06:03
- Author: Omer Ben-Amram <omerbenamram@gmail.com>
- Requires Python: >=3.7
- License: MIT/Apache-2.0
- Requirements: No requirements were recorded.


# pyevtx-rs

Python bindings for `https://github.com/omerbenamram/evtx/`.

## Installation

Available on PyPI: https://pypi.org/project/evtx/.

To install from PyPI, run `pip install evtx`.

### Wheels

Wheels are currently built automatically for Python 3.7+ using the abi3 tag (which means they are compatible with all versions from 3.7 onwards).

Supported platforms are:
  - Linux x86_64
  - macOS x86_64
  - macOS arm64 (m1)
  - Windows x86_64

### Installation from sources

Installation is possible for other platforms by installing from sources.

This requires a Rust compiler and a recent enough Setuptools and Pip.

Run `pip install -e .`

## Usage

The API surface is currently fairly limited (it only yields events as XML/JSON documents), but it is planned to be expanded in the future.


This will print each record as an XML string.

```python
from evtx import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    for record in parser.records():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()
```


And this will print each record as a JSON string.

```python
from evtx.parser import PyEvtxParser


def main():
    parser = PyEvtxParser("./samples/Security_short_selected.evtx")
    for record in parser.records_json():
        print(f'Event Record ID: {record["event_record_id"]}')
        print(f'Event Timestamp: {record["timestamp"]}')
        print(record['data'])
        print('------------------------------------------')


if __name__ == "__main__":
    main()
```

File-like objects are also supported.

```python
from evtx.parser import PyEvtxParser


def main():
    # Open in binary mode; the context manager closes the handle when done.
    with open("./samples/Security_short_selected.evtx", 'rb') as a:
        # io.BytesIO is also supported.
        parser = PyEvtxParser(a)
        for record in parser.records_json():
            print(f'Event Record ID: {record["event_record_id"]}')
            print(f'Event Timestamp: {record["timestamp"]}')
            print(record['data'])
            print('------------------------------------------')


if __name__ == "__main__":
    main()
```
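Because `records_json()` yields each event as a JSON string in `record['data']`, triage usually starts by decoding that string and filtering on the event ID. The following is an added example, not code from the pyevtx-rs project: `triage`, `event_id` and the sample records are hypothetical, and the `Event`/`System`/`EventID` layout (with `EventID` sometimes wrapped in an object under `#text`) is an assumption about the parser's JSON output.

```python
import json

# Constructed sample records in the shape records_json() yields on this page:
# event_record_id, timestamp and data (a JSON string). The layout inside
# data is an assumption, not taken from the project's documentation.
SAMPLE_RECORDS = [
    {"event_record_id": 1, "timestamp": "2024-01-01 10:00:00 UTC",
     "data": json.dumps({"Event": {
         "System": {"EventID": 4625, "Computer": "WS01"},
         "EventData": {"TargetUserName": "alice"}}})},
    {"event_record_id": 2, "timestamp": "2024-01-01 10:00:05 UTC",
     "data": json.dumps({"Event": {
         "System": {"EventID": {"#attributes": {"Qualifiers": 0}, "#text": 4624}},
         "EventData": {"TargetUserName": "alice"}}})},
    {"event_record_id": 3, "timestamp": "2024-01-01 10:00:09 UTC",
     "data": "{truncated"},  # simulates a record whose JSON cannot be decoded
]


def event_id(system):
    """EventID may be a bare number or an object holding it under '#text'."""
    raw = system.get("EventID")
    if isinstance(raw, dict):
        raw = raw.get("#text")
    try:
        return int(raw)
    except (TypeError, ValueError):
        return None


def triage(records, wanted=(4624, 4625)):
    """Return (hits, skipped): matching logon events, and undecodable record IDs."""
    hits, skipped = [], []
    for record in records:
        try:
            event = json.loads(record["data"])["Event"]
            eid = event_id(event["System"])
            user = (event.get("EventData") or {}).get("TargetUserName")
        except (ValueError, KeyError, TypeError, AttributeError):
            # Keep the ID so gaps in coverage are visible to the analyst.
            skipped.append(record["event_record_id"])
            continue
        if eid in wanted:
            hits.append({"record_id": record["event_record_id"],
                         "timestamp": record["timestamp"],
                         "event_id": eid, "user": user})
    return hits, skipped

# With a real log: triage(PyEvtxParser(path).records_json())
```

Returning the skipped record IDs alongside the hits keeps undecodable records from silently disappearing from a timeline.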


            
