python-evtx

Event log parser

A Python module for parsing Windows Event Log files (.evtx) into structured data

Pure Python parser for Windows Event Log files (.evtx)

GitHub
732 stars
43 watching
166 forks
Language: Python
last commit: 7 months ago
Linked from 1 awesome list

event-logevtxforensics

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
williballenthin/python-evt A Python module for parsing classic Windows Event Log files (.evt) 49
ericzimmerman/evtx Tool to parse Event Viewer logs and extract useful information 283
williballenthin/evtxtract Reconstructs fragments of event log data from raw binary files, including unallocated space and memory images. 191
sumeshi/evtx2es A Python library that enables fast import of Windows Event Logs into Elasticsearch 82
fox-it/dissect.eventlog Provides parsers for parsing Windows log file formats 6
yarox24/evtkit Tool to repair Windows Event Log files (.evt) acquired during forensic investigations 18
williballenthin/shellbags This tool helps reconstruct user activities by parsing Windows Registry data. 151
williballenthin/lfle Recover event log entries from an image by identifying record structures. 27
williballenthin/indxparse A tool suite for parsing NTFS artifacts and extracting information from INDX files. 215
williballenthin/process-forest Tools for reconstructing historical process hierarchies from Windows event logs. 146
reed1713/elat A toolset for analyzing Windows event logs to detect and analyze malware 29
abrignoni/ileapp Tools for extracting and parsing iOS device data from compressed files or backups 767
abrignoni/aleapp An Android log parser and Protobuf analyzer written in Python 536
fox-it/dissect.etl A parser for Event Trace Log files used by the Windows operating system to log kernel events. 2
sbousseaden/evtx-attack-samples A repository of Windows Event log samples associated with various attack and post-exploitation techniques. 2,265