python-evtx

Free

python-evtx is a pure Python parser for recent Windows Event Log files (those with the file extension ".evtx"). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation "Parse-Evtx".

ALTERNATIVES

ELAT (Event Log Analysis Tool) helps analyze Windows event logs for malware detection.

Free

Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.

Free

Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.

Free

Serverless, real-time data analysis framework for incident detection and response.

Free

A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.

Free

Cybersecurity project for security monitoring of Node.js applications.

Free

Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits.

Free

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.

Free
