Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-1502 FetchEventViewer - NiFi should be able to consume Even Viewer (Windows Logs)
  3. NIFI-1975

Processor to Parse .evtx files

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.0.0, 1.0.0-Beta
    • None
    • None

    Description

      Windows event logs are stored in .evtx format as-of Windows Vista. If we port the pure python implementation of an evtx parser at https://github.com/williballenthin/python-evtx to Java, we should be able to ingest those files in NiFi on any operating system

      These files are located in C:\Windows\System32\winevt\Logs unless exported elsewhere.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #492

          Activity

            People

              Unassigned Unassigned
              bryanrosander@gmail.com Bryan Rosander
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: