igevtx

package
v0.0.0-...-0908972 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 12, 2019 License: BSD-3-Clause Imports: 8 Imported by: 0

Documentation

Overview

Parse the contents of the EVTX files. Reference: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-even6/c73573ae-1c90-43a2-a65f-ad7501155956 (c) 2019, igosha (2igosha@gmail.com)

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ParseEvtx 

func ParseEvtx(fname string, hnd EventHandler) error

Completely parse the EVTX file, use hnd as callback for every record found

Types

type EventHandler 

type EventHandler func(when time.Time, num uint64, variable map[string]string)

Callback type for ParseEvtx, gets the timestamp, record number and values for each event log record

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.