Commit b0bc270

Merge branch 'master' of github.com:williballenthin/python-evtx
2 parents 8863c05 + 40e2e50 commit b0bc270

1 file changed

+6
-14
lines changed

README.md

Lines changed: 6 additions & 14 deletions
@@ -18,9 +18,7 @@ Joachim Metz also released a cross-platform, LGPL licensed C++ based parser in 2
1818

1919
Dependencies
2020
------------
21-
python-evtx was developed using the 2.7 tag of the Python programming language. As it is purely Python, the module works equally well across platforms. The code does not depend on any modules that require separate compilation.
22-
23-
python-evtx is not yet Python 3 compatible; however, I do not expect a port to be particularly painful.
21+
python-evtx works on both the 2.7 and 3.x versions of the Python programming language. As it is purely Python, the module works equally well across platforms. The code does not depend on any modules that require separate compilation; however, if you have lxml installed, its even nicer.
2422

2523
python-evtx operates on event log files from Windows operating systems newer than Windows Vista. These files typically have the file extension .evtx. Version 5.09 of the `file` utility identifies such a file as "MS Vista Windows Event Log". To manual confirm the file type, look for the ASCII string "ElfFile" in the first seven bytes:
2624
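Review bot: The added Dependencies sentence ends with "if you have lxml installed, its even nicer", which does not say what lxml changes for the user and has a typo ("its" should be "it's"). Since the same sentence stresses that no separately compiled modules are required, state plainly that lxml is optional and what it is used for, and say whether the output is the same with and without it, because anyone comparing dumps produced on two analysis machines will need to know. "3.x" is also open-ended; naming the lowest 3.x release the code has been run on would make the compatibility claim checkable.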

@@ -35,12 +33,11 @@ Provided with the parsing module `Evtx` are three scripts that mimic the tools d
3533

3634
Note the length of the `evtxdump.py` script: its only 20 lines. Now, review the contents and notice the complete implementation of the logic:
3735

38-
print "<?xml version=\"1.0\" encoding=\"utf-8\" standalone=\"yes\" ?>"
39-
print "<Events>"
40-
for chunk in fh.chunks():
41-
for record in chunk.records():
42-
print record.root().xml([])
43-
print "</Events>"
36+
print(e_views.XML_HEADER)
37+
print('<Events>')
38+
for record in log.records:
39+
print(record.xml())
40+
print('</Events>')
4441

4542
Working with python-evtx is really easy!
4643
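Review bot: The new snippet refers to `e_views` and `log`, neither of which is defined in the lines shown, while the sentence just above still invites the reader to "notice the complete implementation of the logic". Add the import that provides `e_views.XML_HEADER` and the line that opens the file and binds `log`, or reword the lead-in so it is clear this is an excerpt. Two further points to confirm: the removed code called `chunk.records()` with parentheses but the new loop iterates `log.records` without them, so check that `records` is a property on this object and not a method; and the "only 20 lines" claim in the context line should be re-checked against the current `evtxdump.py`.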

@@ -53,11 +50,6 @@ Updates to python-evtx are pushed to PyPi, so you can install the module using e
5350

5451
The source code for python-evtx is hosted at Github, and you may download, fork, and review it from this repository (http://www.github.com/williballenthin/python-evtx). Please report issues or feature requests through Github's bug tracker associated with the project.
5552

56-
57-
Hacking
58-
-------
59-
60-
6153
License
6254
-------
6355
python-evtx is licensed under the Apache License, Version 2.0. This means it is freely available for use and modification in a personal and professional capacity.
