https://docs.matildes.dev/tags/incident-response/Recent content in Incident-Response on Samuel Matildes - Knowledge BaseHugoenTue, 26 May 2026 14:15:13 +0100https://docs.matildes.dev/windows/admin/evtxparser/Tue, 26 May 2026 00:00:00 +0000https://docs.matildes.dev/windows/admin/evtxparser/<p> <a href="https://github.com/samatild/evtxparser" target="_blank" rel="noopener"> <i class="fab fa-github" aria-hidden="true"></i> GitHub </a> &nbsp;•&nbsp; <a href="https://pypi.org/project/evtxparser/" target="_blank" rel="noopener"> <i class="fab fa-python" aria-hidden="true"></i> PyPI </a> </p> <p><i class="fas fa-file-alt" aria-hidden="true"></i> Export Windows Event Viewer <code>.evtx</code> logs to clean CSV output without dragging a GUI into the workflow.</p> <p><img src="https://docs.matildes.dev/windows/admin/evtxparser/images/evtxparser.png" alt="evtxparser example"></p> <h2 id="what-is-evtxparser">What is evtxparser?<a class="td-heading-self-link" href="#what-is-evtxparser" aria-label="Heading self-link"></a></h2> <p><a href="https://github.com/samatild/evtxparser"><code>evtxparser</code></a> is a focused Python CLI for exporting Windows <code>.evtx</code> files to CSV. It is designed for the cases where you do not want a full GUI workflow or a heavyweight parsing pipeline: open the log, stream records, and write rows immediately.</p>