| Port details |
- py-evtx2splunk Evtx to Splunk ingestor
- 2.0.1 textproc
 =0      2.0.1Version of this port present on the latest quarterly branch. - Maintainer: acm@FreeBSD.org
- Port Added: 2023-04-30 21:36:08
- Last Update: 2023-06-27 19:34:34
- Commit Hash: 3d9a815
- Also Listed In: python
- License: MIT
- WWW:
- https://github.com/whikernel/evtx2splunk
- Description:
- Ingest EVTX files into a Splunk instance.
This tool is based on the work of :
Omer BenAmram
Blardy
Thanks to Ekto for its contribution.
Key features:
- Splunk HEC support with token auto-creation
- Splunk index auto-creation
- Multiprocessing support
- Caching for evtx reuse without reconverting
- Windows and Linux compatibility
- Rely on the great and fast evtx_dump Rust tool of Omer
- Evtx message resolutions from database
Note: evtx2splunk converts the EVTX to JSON and stores them in a temporary
place. Hence, up to the size of source EVTX can be created during the process.
These files are removed at the end of the process, except if keep_cache is
enabled.
  ¦  ¦  ¦  ¦ 
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - There is no configure plist information for this port.
- Dependency lines:
-
- ${PYTHON_PKGNAMEPREFIX}evtx2splunk>0:textproc/py-evtx2splunk@${PY_FLAVOR}
- To install the port:
- cd /usr/ports/textproc/py-evtx2splunk/ && make install clean
- To add the package, run one of these commands:
- pkg install textproc/py-evtx2splunk
- pkg install py39-evtx2splunk
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
NOTE: This is a Python port. Instead of py39-evtx2splunk listed in the above command, you can pick from the names under the Packages section.- PKGNAME: py39-evtx2splunk
- Package flavors (<flavor>: <package>)
- distinfo:
- TIMESTAMP = 1682884324
SHA256 (whikernel-evtx2splunk-2.0.1-12bfda6cdd83ae392df9303d0140a2eaa936a62f_GH0.tar.gz) = a203a63d063d004975ac5d928030188501e119bc63dc6f995644f9aa1577a36c
SIZE (whikernel-evtx2splunk-2.0.1-12bfda6cdd83ae392df9303d0140a2eaa936a62f_GH0.tar.gz) = 7116809
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- py39-setuptools>=63.1.0 : devel/py-setuptools@py39
- python3.9 : lang/python39
- Test dependencies:
-
- python3.9 : lang/python39
- Runtime dependencies:
-
- py39-certifi>0 : security/py-certifi@py39
- py39-chardet>0 : textproc/py-chardet@py39
- py39-idna>0 : dns/py-idna@py39
- py39-python-dotenv>0 : www/py-python-dotenv@py39
- py39-requests>0 : www/py-requests@py39
- py39-semantic-version>0 : devel/py-semantic-version@py39
- py39-urllib3>0 : net/py-urllib3@py39
- py39-toml>0 : textproc/py-toml@py39
- py39-tqdm>0 : misc/py-tqdm@py39
- py39-splunk-hec>0 : textproc/py-splunk-hec@py39
- fd-find>0 : sysutils/fd
- evtx>0 : textproc/evtx
- py39-setuptools>=63.1.0 : devel/py-setuptools@py39
- python3.9 : lang/python39
- This port is required by:
- for Run
-
- security/py-iris-evtx-module
Configuration Options:- No options to configure
- Options name:
- textproc_py-evtx2splunk
- USES:
- python
- FreshPorts was unable to extract/find any pkg message
- Master Sites:
|
Number of commits found: 2
| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
2.0.1
27 Jun 2023 19:34:34
 |
Rene Ladan (rene) |
all: remove explicit versions in USES=python for "3.x+"
The logic in USES=python will automatically convert this to 3.8+ by
itself.
Adjust two ports that only had Python 3.7 mentioned but build fine
on Python 3.8 too.
finance/quickfix: mark BROKEN with PYTHON
libtool: compile: c++ -DHAVE_CONFIG_H -I. -I../.. -I -I. -I.. -I../.. -I../C++
-DLIBICONV_PLUG -DPYTHON_MAJOR_VERSION=3 -Wno-unused-variable
-Wno-maybe-uninitialized -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong
-fno-strict-aliasing -DLIBICONV_PLUG -Wall -ansi
-Wno-unused-command-line-argument -Wpointer-arith -Wwrite-strings
-Wno-overloaded-virtual -Wno-deprecated-declarations -Wno-deprecated -std=c++0x
-MT _quickfix_la-QuickfixPython.lo -MD -MP -MF
.deps/_quickfix_la-QuickfixPython.Tpo -c QuickfixPython.cpp -fPIC -DPIC -o
.libs/_quickfix_la-QuickfixPython.o
warning: unknown warning option '-Wno-maybe-uninitialized'; did you mean
'-Wno-uninitialized'? [-Wunknown-warning-option]
QuickfixPython.cpp:175:11: fatal error: 'Python.h' file not found
^~~~~~~~~~
1 warning and 1 error generated.
Reviewed by: portmgr, vishwin, yuri
Differential Revision: <https://reviews.freebsd.org/D40568> |
2.0.1
30 Apr 2023 21:33:08
|
Jose Alonso Cardenas Marquez (acm) |
textproc/py-evtx2splunk: New port: Evtx to Splunk ingestor
Ingest EVTX files into a Splunk instance.
This tool is based on the work of :
Omer BenAmram
Blardy
Thanks to Ekto for its contribution.
Key features:
- Splunk HEC support with token auto-creation
- Splunk index auto-creation
- Multiprocessing support
- Caching for evtx reuse without reconverting
- Windows and Linux compatibility
- Rely on the great and fast evtx_dump Rust tool of Omer
- Evtx message resolutions from database
Note: evtx2splunk converts the EVTX to JSON and stores them in a temporary
place. Hence, up to the size of source EVTX can be created during the process.
These files are removed at the end of the process, except if keep_cache is
enabled. |
Number of commits found: 2
|
As an Amazon Associate I earn from qualifying purchases.