Pyvonix
commented
1 year ago Just a small mistake in the examples probably due to code/package rework.
Just remove the parser in the import line, like:
from evtx import PyEvtxParser
parser = PyEvtxParser("./evtx-supervisor/samples/Security_short_selected.evtx")
for record in parser.records_json():
print(f'Event Record ID: {record["event_record_id"]}')
print(f'Event Timestamp: {record["timestamp"]}')
print(record['data'])
print('------------------------------------------')
Event Record ID: 7
Event Timestamp: 2016-06-29 15:25:08.822 UTC
{
"Event": {
"#attributes": {
"xmlns": "http://schemas.microsoft.com/win/2004/08/events/event"
},
.....
Hello, it's impossible to import from evtx.parser.....why please ? how to use this one for json strings ? please