ParseEvtx 2025.5.31.15¶
Bundle¶
org.apache.nifi | nifi-evtx-nar
Description¶
Parses the contents of a Windows Event Log file (evtx) and writes the resulting XML to the FlowFile
Input Requirement¶
REQUIRED
Supports Sensitive Dynamic Properties¶
false
Properties¶
Property |
Description |
|---|---|
granularity |
Output flow file for each Record, Chunk, or File encountered in the event log |
Relationships¶
Name |
Description |
|---|---|
bad chunk |
Any bad chunks of records will be transferred to this relationship in their original binary form |
failure |
Any FlowFile that encountered an exception during conversion will be transferred to this relationship with as much parsing as possible done |
original |
The unmodified input FlowFile will be transferred to this relationship |
success |
Any FlowFile that was successfully converted from evtx to XML |
Writes attributes¶
Name |
Description |
|---|---|
filename |
The output filename |
mime.type |
The output filetype (application/xml for success and failure relationships, original value for bad chunk and original relationships) |