Loop through the records in reversed order

williballenthin / python-evtx

Pure Python parser for Windows Event Log files (.evtx)

Apache License 2.0

719 stars 165 forks source link

Loop through the records in reversed order #86

Closed CaledoniaProject closed 1 year ago

CaledoniaProject commented 1 year ago

How can I loop through the records from bottom up?

williballenthin commented 1 year ago

the easiest way will be to parse all the events and then reverse the list.

it's probably possible to enumerate the chunks in reverse order, and from there get the events from each chunk and reverse them. this will require you to take a look into this library's code and understand it a bit. there is not a built in routine for this use case and the file format also isn't designed for it.