ParseEvtx 2.3.0¶
BUNDLE¶
org.apache.nifi | nifi-evtx-nar
DESCRIPTION¶
Parses the contents of a Windows Event Log file (evtx) and writes the resulting XML to the FlowFile
INPUT REQUIREMENT¶
REQUIRED
Supports Sensitive Dynamic Properties¶
false
PROPERTIES¶
Property |
Description |
|---|---|
granularity |
Output flow file for each Record, Chunk, or File encountered in the event log |
RELATIONSHIPS¶
NAME |
DESCRIPTION |
|---|---|
original |
The unmodified input FlowFile will be transferred to this relationship |
failure |
Any FlowFile that encountered an exception during conversion will be transferred to this relationship with as much parsing as possible done |
success |
Any FlowFile that was successfully converted from evtx to XML |
bad chunk |
Any bad chunks of records will be transferred to this relationship in their original binary form |
WRITES ATTRIBUTES¶
NAME |
DESCRIPTION |
|---|---|
filename |
The output filename |
mime.type |
The output filetype (application/xml for success and failure relationships, original value for bad chunk and original relationships) |