python-evtx | Pure Python parser for recent Windows Event Log files

by williballenthin Python Version: 0.7.4 License: Apache-2.0

X-Ray Key Features Code Snippets(4)Community Discussions(3)Vulnerabilities Install Support

kandi X-RAY | python-evtx Summary

python-evtx is a Python library typically used in Logging applications. python-evtx has no bugs, it has no vulnerabilities, it has build file available, it has a Permissive License and it has low support. You can install using 'pip install python-evtx' or download it from GitHub, PyPI.

python-evtx is a pure Python parser for recent Windows Event Log files (those with the file extension ".evtx"). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation "Parse-Evtx".

Support

Quality

Security

License

Reuse

Support

python-evtx has a low active ecosystem.

It has 603 star(s) with 158 fork(s). There are 42 watchers for this library.

It had no major release in the last 12 months.

There are 19 open issues and 50 have been closed. On average issues are closed in 106 days. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of python-evtx is 0.7.4

Quality

python-evtx has 0 bugs and 0 code smells.

Security

python-evtx has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

python-evtx code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

python-evtx is licensed under the Apache-2.0 License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

python-evtx releases are available to install and integrate.

Deployable package is available in PyPI.

Build file is available. You can build the component from source.

Installation instructions, examples and code snippets are available.

python-evtx saves you 1154 person hours of effort in developing the same functionality from scratch.

It has 2699 lines of code, 416 functions and 25 files.

It has medium code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi has reviewed python-evtx and discovered the below as its top functions. This is intended to give you an instant insight into python-evtx implemented functionality, and help decide if they suit your requirements.

Describes a BXML node
Parse substitutions
Unpacks a byte value from the buffer
Unpack a DWord value from the buffer
Return the content of an XML template
Load all strings
List of strings
Attribute name
Format a file header
Generate a generator of ChunkHeader objects
Get record by record number
Return an iterator of ChunkHeader objects
Generate the XML representation of an EVTX chunk
Return a lxml representation of the document
Return the XML representation of this record
Yield XML records from a file
Unpack a DOS date value
Iterates over the records
Return a template node
Verify the header
Return an iterator over all records in the record
Parse the filetime at the given offset
Unpack a string from the stream
Return the data from the buffer
The XML data for this event
Verify the signature
Calculate the header checksum of the header
Generator for matching XML records
Calculates the header checksum of the header

Get all kandi verified functions for this library.

python-evtx Key Features

No Key Features are available at this moment for python-evtx.

python-evtx Examples and Code Snippets

Get element value by name from xml file using Python xml.etree.ElementTree

Python

Lines of Code : 17

License : Strong Copyleft (CC BY-SA 4.0)

Copy

import xml.etree.ElementTree as ET

ns_map = {
  'e': 'http://schemas.microsoft.com/win/2004/08/events/event'
}

tree = ET.parse('xmlfile1.txt')

# specific node
ip_address = tree.find('.//e:EventData/e:Data[@Name="IpAddress"]', ns_map)
if

Form image data, how to handle image?

Python

Lines of Code : 4

License : Strong Copyleft (CC BY-SA 4.0)

Copy

request.files["image"].save("./imageToSave.jpg")

image = "./imageToSave.jpg"

How to use os.system to convert all files in a folder at once using external python script

Python

Lines of Code : 100

License : Strong Copyleft (CC BY-SA 4.0)

Copy

import threading
import os

def file_converter(file):
    os.system("file_converter.py {0} > {1}".format(file, file.replace(".evtx", ".xml")))

base_dir = "C:\\Users\\carlo.zanocco\\Desktop\\test_dir\\"

for file in os.listdir(base_dir)

Most Effecient way to parse Evtx files for specific content

Python

Lines of Code : 5

License : Strong Copyleft (CC BY-SA 4.0)

Copy

$Username = 'jdoe'
$XPathFilter = "*[System[(EventID=4624)] and EventData[Data[@Name='SubjectUserName'] and (Data='$Username')]]"

Get-WinEvent -Path C:\path\to\log\files\*.evtx -FilterXPath $XPathFilter

Community Discussions

Trending Discussions on python-evtx

Get element value by name from xml file using Python xml.etree.ElementTree

Form image data, how to handle image?

How to use os.system to convert all files in a folder at once using external python script

QUESTION

Get element value by name from xml file using Python xml.etree.ElementTree

Asked 2022-Apr-03 at 09:20

I am using the python-evtx module to parse Windows event logs. I am converting the output to XML using xml.etree.ElementTree and then trying to parse through each entry to get the value from a certain key value by its name.

I have the following code to show the different key values with the text I want to access;

...

ANSWER

Answered 2022-Apr-03 at 09:20

What I am trying to do is be able to get the value of a particular key value such as "{http://schemas.microsoft.com/win/2004/08/events/event}Data {'Name': 'IpAddress'} -"

Use XPath and a namespace map.

Source https://stackoverflow.com/questions/71723334

QUESTION

Form image data, how to handle image?

Asked 2022-Feb-22 at 16:03

So I send a Form to my Flask App and wish to receive the Form image data input and pass it to another function.

Example of form:

...

ANSWER

Answered 2022-Feb-22 at 16:03

My mistake, as @teddybearsuicide pointed out was that I was passing a file handle and not a file pointer.

Maybe there is a better way but I just saved it locally on the EC2 based on this

Solution

Source https://stackoverflow.com/questions/71177009

QUESTION

How to use os.system to convert all files in a folder at once using external python script

Asked 2020-Feb-04 at 13:11

I've managed to find out the method to convert a file from one file extension to another (.evtx to .xml) using an external script. Below is what I am using:

...

ANSWER

Answered 2020-Feb-03 at 11:57

import os, sys

DIR = "D:/Test"

# ...or as a command line argument

DIR = sys.argv[1]

for f in os.listdir(DIR):
    path = os.path.join(DIR, f)

    name, ext = os.path.splitext(f)

    if ext == ".txt":
        new_path = os.path.join(DIR, f"{name}.xml")    

        os.rename(path, new_path)

Source https://stackoverflow.com/questions/60038561

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install python-evtx

Updates to python-evtx are pushed to PyPi, so you can install the module using either easy_install or pip. For example, you can use pip like so:. The source code for python-evtx is hosted at Github, and you may download, fork, and review it from this repository (http://www.github.com/williballenthin/python-evtx). Please report issues or feature requests through Github’s bug tracker associated with the project.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: