Skip to content

Anlyz/windows-eventlog-transform

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
assets
assets
 
 
data
data
 
 
examples
examples
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Transform Windows Event Log XML

Build Status

Transform Windows Event Log XML files or strings into JSON and or Common Event Format (CEF)

Requirements

  • Rust

Compile

  • Build Release
cargo b --release
  • Test
cargo t

Run Examples

cargo run --example eg1

Example Transformed Json

{
  "xmlns": "http://schemas.microsoft.com/win/2004/08/events/event",
  "System": {
    "Provider": {
      "Name": "BTHUSB",
      "Guid": null
    },
    "EventRecordID": 5662,
    "Event": {
      "EventID": 18,
      "EventName": "EventID-18"
    },
    "Level": "Information",
    "Task": "None",
    "Opcode": "Info",
    "Keywords": "Classic",
    "TimeCreated": "2021-01-29T12:37:19.5374683Z",
    "Correlation": {
      "ActivityID": null
    },
    "Execution": {
      "ProcessID": 4,
      "ThreadID": 1240
    },
    "Channel": "System",
    "Computer": "DESKTOP-G089JUF",
    "Security": {
      "UserID": null
    },
    "Version": 0
  },
  "EventData": {
    "Data": [
      null
    ],
    "Binary": "00000800010000000000000012000540000000000000000000000000000000000000000000000000E000000000000000"
  }
}

About

Transform the windows event log xml into json

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Rust 100.0%