williballenthin / python-evtx

Pure Python parser for Windows Event Log files (.evtx)
Apache License 2.0

Dump in JSON format #81

Closed ajread4 closed 1 year ago

ajread4 commented 1 year ago

I forked your work and modified evtx_dump.py (renamed to evtx_dump_json.py) to write output to a JSON file or to standard out. My use case is graph learning research, and I like to use JSON files (converted into pandas DataFrames) as input.

Is there any interest in adding that functionality? I was thinking about doing a PR but I figured I should ask before doing so.
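As an added example (not ajread4's script and not python-evtx's own code), this is the kind of conversion such a JSON dump needs: each record's XML, as python-evtx's `Record.xml()` returns it, is flattened into one JSON object, with `System` children becoming top-level keys and `EventData/Data` elements becoming name/value pairs. The sample record is constructed; the `Evtx` class and `log.records()` are the library's real API but are only needed by the file-level wrapper.

```python
import json
import xml.etree.ElementTree as ET

# Namespace used by every record in the Windows event XML schema.
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def element_value(el):
    """Attribute-only elements become a dict, text-only ones a string; both kept if present."""
    text = (el.text or "").strip()
    if not el.attrib:
        return text
    value = dict(el.attrib)
    if text:
        value["#text"] = text
    return value

def record_xml_to_dict(xml_text):
    """Flatten one record's XML into a JSON-friendly dict: System/* children
    become top-level keys and EventData/Data elements become name -> value pairs."""
    root = ET.fromstring(xml_text)
    out = {}
    system = root.find("e:System", NS)
    if system is not None:
        for child in system:
            out[child.tag.split("}", 1)[-1]] = element_value(child)
    event_data = root.find("e:EventData", NS)
    if event_data is not None:
        out["EventData"] = {
            d.get("Name") or "Data%d" % i: (d.text or "").strip()
            for i, d in enumerate(event_data.findall("e:Data", NS))
        }
    return out

def dump_evtx_to_json(path, out_fh):
    """Stream every record of an .evtx file as one JSON object per line (JSON Lines).
    python-evtx is imported lazily so the converter above works without it installed."""
    from Evtx.Evtx import Evtx
    count = 0
    with Evtx(path) as log:
        for record in log.records():
            out_fh.write(json.dumps(record_xml_to_dict(record.xml())) + "\n")
            count += 1
    return count

# Constructed sample record (not taken from a real log) covering both parts.
SAMPLE_XML = """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4624</EventID>
<TimeCreated SystemTime="2023-01-01T00:00:00.000000Z"/><Computer>host1</Computer></System>
<EventData><Data Name="TargetUserName">alice</Data><Data Name="LogonType">10</Data></EventData>
</Event>"""
```

One object per line keeps memory flat on large logs and loads directly with `pandas.read_json(path, lines=True)`.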

williballenthin commented 1 year ago

neat!

sure, happy to merge a new script, though I likely won't be able to offer support for it. I'll tag you on any future issues opened on GitHub and/or it can serve as an example to others.

thank you!

ajread4 commented 1 year ago

great! I will clean up some of the code and put in a PR. Feel free to tag me for future issues; I am more than happy to help out!