Port details
py-evtx2splunk Evtx to Splunk ingestor
Version: 2.0.1 (category: textproc); on 2 watch lists. Version of this port present on the latest quarterly branch: 2.0.1
Maintainer: acm@FreeBSD.org
Port Added: 2023-04-30 21:36:08
Last Update: 2023-06-27 19:34:34
Commit Hash: 3d9a815
People watching this port, also watch: jdictionary, py311-Automat, py311-python-gdsii, py39-PyOpenGL, p5-Sane
Also Listed In: python
License: MIT
WWW: https://github.com/whikernel/evtx2splunk
Description:
Ingest EVTX files into a Splunk instance.

This tool is based on the work of:
- Omer BenAmram
- Blardy
Thanks to Ekto for its contribution.

Key features:
- Splunk HEC support with token auto-creation
- Splunk index auto-creation
- Multiprocessing support
- Caching for evtx reuse without reconverting
- Windows and Linux compatibility
- Relies on the great and fast evtx_dump Rust tool of Omer
- Evtx message resolutions from database

Note: evtx2splunk converts the EVTX to JSON and stores them in a temporary place. Hence, up to the size of the source EVTX can be created during the process. These files are removed at the end of the process, except if keep_cache is enabled.
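As an added illustration of the ingestion path the description sketches (evtx_dump JSON lines wrapped in Splunk HEC envelopes and posted in batches over TLS), here is a small Python script. It is not evtx2splunk's own code and does not reproduce its internals: the record layout follows what evtx_dump emits to the best of my knowledge (attribute values under "#attributes"), the two sample records are constructed, and the batch size cap and the content-hash cache key are illustrative choices rather than the tool's.

```python
"""Added example (not evtx2splunk's code): wrap evtx_dump JSON-lines records
in Splunk HEC envelopes, batch them, and POST them with TLS verification on.

Assumptions: record layout as evtx_dump -o jsonl emits it (attributes under
"#attributes"); the batch size cap and the cache-key scheme are illustrative.
"""
import hashlib
import json
import ssl
import urllib.request
from datetime import datetime, timezone

# Constructed sample: two records in the shape evtx_dump writes (assumption).
# EventID may be a bare int or, in older output, {"#text": 4688, ...}.
SAMPLE_JSONL = "\n".join([
    json.dumps({"Event": {
        "System": {"Provider": {"#attributes": {"Name": "Microsoft-Windows-Security-Auditing"}},
                   "EventID": 4624, "Channel": "Security", "Computer": "WS01.corp.example",
                   "TimeCreated": {"#attributes": {"SystemTime": "2023-04-30T21:33:08.123456Z"}}},
        "EventData": {"TargetUserName": "alice", "LogonType": 10}}}),
    json.dumps({"Event": {
        "System": {"Provider": {"#attributes": {"Name": "Microsoft-Windows-Security-Auditing"}},
                   "EventID": {"#attributes": {"Qualifiers": 0}, "#text": 4688},
                   "Channel": "Security", "Computer": "WS01.corp.example",
                   "TimeCreated": {"#attributes": {"SystemTime": "2023-04-30T21:34:00Z"}}},
        "EventData": {"NewProcessName": "C:\\Windows\\System32\\cmd.exe"}}}),
])


def cache_key(evtx_bytes: bytes) -> str:
    """Illustrative cache key for "reuse without reconverting": hash the EVTX
    content rather than its path, so a renamed copy still hits the cache."""
    return hashlib.sha256(evtx_bytes).hexdigest()


def load_records(jsonl_text: str) -> list:
    """One JSON object per non-empty line, as evtx_dump -o jsonl produces."""
    return [json.loads(line) for line in jsonl_text.splitlines() if line.strip()]


def parse_system_time(system_time: str) -> float:
    """EVTX SystemTime (UTC, optional fraction, trailing Z) to an epoch float
    for HEC's "time" field. Python 3.9's fromisoformat rejects "Z", so the
    suffix and the fraction are handled by hand."""
    stamp = system_time.rstrip("Z")
    if "." in stamp:
        base, frac = stamp.split(".", 1)
        micro = int((frac + "000000")[:6])
    else:
        base, micro = stamp, 0
    dt = datetime.fromisoformat(base).replace(tzinfo=timezone.utc)
    return dt.timestamp() + micro / 1_000_000


def event_id(record: dict) -> int:
    eid = record["Event"]["System"]["EventID"]
    if isinstance(eid, dict):  # older evtx_dump output carries Qualifiers
        eid = eid["#text"]
    return int(eid)


def to_hec_event(record: dict, index: str, source: str) -> dict:
    """HEC JSON envelope: time/host/source/sourcetype/index are metadata;
    the whole record stays under "event" so nothing is lost for search."""
    system = record["Event"]["System"]
    return {
        "time": parse_system_time(system["TimeCreated"]["#attributes"]["SystemTime"]),
        "host": system.get("Computer", "unknown"),
        "source": source,
        "sourcetype": "evtx",
        "index": index,
        "event": record,
    }


def hec_batches(jsonl_text: str, index: str, source: str, max_bytes: int = 1_000_000):
    """Yield newline-joined HEC bodies, each kept under max_bytes (illustrative
    cap). HEC accepts several JSON objects concatenated in one POST, which is
    what allows one request per batch rather than one per event."""
    batch, size = [], 0
    for record in load_records(jsonl_text):
        encoded = json.dumps(to_hec_event(record, index, source), separators=(",", ":"))
        if batch and size + len(encoded) + 1 > max_bytes:
            yield "\n".join(batch)
            batch, size = [], 0
        batch.append(encoded)
        size += len(encoded) + 1
    if batch:
        yield "\n".join(batch)


def hec_headers(token: str) -> dict:
    """HEC authenticates with "Authorization: Splunk <token>". Read the token
    from the environment or a .env file (python-dotenv is among the port's
    runtime dependencies); never hard-code it."""
    return {"Authorization": f"Splunk {token}", "Content-Type": "application/json"}


def post_batch(hec_url: str, token: str, body: str, timeout: int = 30) -> dict:
    """POST one batch to .../services/collector/event. The default SSL context
    verifies the server certificate; do not swap in an unverified context to
    make a self-signed Splunk work, add its CA to the trust store instead."""
    req = urllib.request.Request(hec_url, data=body.encode("utf-8"),
                                 headers=hec_headers(token), method="POST")
    with urllib.request.urlopen(req, timeout=timeout,
                                context=ssl.create_default_context()) as resp:
        return json.loads(resp.read().decode("utf-8"))


if __name__ == "__main__":
    for body in hec_batches(SAMPLE_JSONL, index="winevent", source="Security.evtx"):
        print(body)
```

Run it as-is and it prints the HEC body built from the two constructed records without touching the network; wire `post_batch` to a real collector URL and token to send them. The cache-key function is the reason the description's caveat matters: if `keep_cache` leaves converted JSON on disk, the cache directory holds the full event content and needs the same access controls as the source EVTX.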

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
There is no configure plist information for this port.
Dependency lines:
  • ${PYTHON_PKGNAMEPREFIX}evtx2splunk>0:textproc/py-evtx2splunk@${PY_FLAVOR}
To install the port:
cd /usr/ports/textproc/py-evtx2splunk/ && make install clean
To add the package, run one of these commands:
  • pkg install textproc/py-evtx2splunk
  • pkg install py39-evtx2splunk
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
NOTE: This is a Python port. Instead of py39-evtx2splunk listed in the above command, you can pick from the names under the Packages section.
PKGNAME: py39-evtx2splunk
Package flavors (<flavor>: <package>)
  • py39: py39-evtx2splunk
distinfo:
TIMESTAMP = 1682884324
SHA256 (whikernel-evtx2splunk-2.0.1-12bfda6cdd83ae392df9303d0140a2eaa936a62f_GH0.tar.gz) = a203a63d063d004975ac5d928030188501e119bc63dc6f995644f9aa1577a36c
SIZE (whikernel-evtx2splunk-2.0.1-12bfda6cdd83ae392df9303d0140a2eaa936a62f_GH0.tar.gz) = 7116809

Packages (timestamps in pop-ups are UTC):

py39-evtx2splunk
ABI                    aarch64  amd64  armv6  armv7  i386   powerpc  powerpc64  powerpc64le
FreeBSD:13:latest      -        -      -      -      -      -        -          -
FreeBSD:13:quarterly   -        -      -      -      -      -        2.0.1      2.0.1
FreeBSD:14:latest      -        -      -      -      -      -        -          2.0.1
FreeBSD:14:quarterly   -        -      -      -      -      -        2.0.1      2.0.1
FreeBSD:15:latest      -        -      n/a    -      n/a    -        2.0.1      -

py311-evtx2splunk
ABI                    aarch64  amd64  armv6  armv7  i386   powerpc  powerpc64  powerpc64le
FreeBSD:13:latest      2.0.1    2.0.1  -      -      2.0.1  -        -          -
FreeBSD:13:quarterly   2.0.1    2.0.1  -      -      2.0.1  -        -          -
FreeBSD:14:latest      2.0.1    2.0.1  -      -      2.0.1  -        -          -
FreeBSD:14:quarterly   2.0.1    2.0.1  -      -      2.0.1  -        -          -
FreeBSD:15:latest      2.0.1    2.0.1  n/a    -      n/a    -        -          -

Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. py39-setuptools>=63.1.0 : devel/py-setuptools@py39
  2. python3.9 : lang/python39
Test dependencies:
  1. python3.9 : lang/python39
Runtime dependencies:
  1. py39-certifi>0 : security/py-certifi@py39
  2. py39-chardet>0 : textproc/py-chardet@py39
  3. py39-idna>0 : dns/py-idna@py39
  4. py39-python-dotenv>0 : www/py-python-dotenv@py39
  5. py39-requests>0 : www/py-requests@py39
  6. py39-semantic-version>0 : devel/py-semantic-version@py39
  7. py39-urllib3>0 : net/py-urllib3@py39
  8. py39-toml>0 : textproc/py-toml@py39
  9. py39-tqdm>0 : misc/py-tqdm@py39
  10. py39-splunk-hec>0 : textproc/py-splunk-hec@py39
  11. fd-find>0 : sysutils/fd
  12. evtx>0 : textproc/evtx
  13. py39-setuptools>=63.1.0 : devel/py-setuptools@py39
  14. python3.9 : lang/python39
This port is required by (for Run):
  1. security/py-iris-evtx-module

Configuration Options:
No options to configure
Options name:
textproc_py-evtx2splunk
USES:
python
FreshPorts was unable to extract/find any pkg message
Master Sites:
  1. https://codeload.github.com/whikernel/evtx2splunk/tar.gz/12bfda6cdd83ae392df9303d0140a2eaa936a62f?dummy=/

Number of commits found: 2

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
2.0.1
27 Jun 2023 19:34:34
commit hash: 3d9a815d9c5acbb71f4bb07738bdeab4879feacb
Rene Ladan (rene)
all: remove explicit versions in USES=python for "3.x+"

The logic in USES=python will automatically convert this to 3.8+ by
itself.

Adjust two ports that only had Python 3.7 mentioned but build fine
on Python 3.8 too.

finance/quickfix: mark BROKEN with PYTHON

libtool: compile:  c++ -DHAVE_CONFIG_H -I. -I../.. -I -I. -I.. -I../.. -I../C++
-DLIBICONV_PLUG -DPYTHON_MAJOR_VERSION=3 -Wno-unused-variable
-Wno-maybe-uninitialized -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong
-fno-strict-aliasing -DLIBICONV_PLUG -Wall -ansi
-Wno-unused-command-line-argument -Wpointer-arith -Wwrite-strings
-Wno-overloaded-virtual -Wno-deprecated-declarations -Wno-deprecated -std=c++0x
-MT _quickfix_la-QuickfixPython.lo -MD -MP -MF
.deps/_quickfix_la-QuickfixPython.Tpo -c QuickfixPython.cpp  -fPIC -DPIC -o
.libs/_quickfix_la-QuickfixPython.o
warning: unknown warning option '-Wno-maybe-uninitialized'; did you mean
'-Wno-uninitialized'? [-Wunknown-warning-option]
QuickfixPython.cpp:175:11: fatal error: 'Python.h' file not found
          ^~~~~~~~~~
1 warning and 1 error generated.

Reviewed by:	portmgr, vishwin, yuri
Differential Revision:	<https://reviews.freebsd.org/D40568>
2.0.1
30 Apr 2023 21:33:08
commit hash: 85d2fe1693005be69b0b1eea9e7d18134c5bbfa3
Jose Alonso Cardenas Marquez (acm)
textproc/py-evtx2splunk: New port: Evtx to Splunk ingestor

Ingest EVTX files into a Splunk instance.

This tool is based on the work of :

Omer BenAmram
Blardy
Thanks to Ekto for its contribution.

Key features:

- Splunk HEC support with token auto-creation
- Splunk index auto-creation
- Multiprocessing support
- Caching for evtx reuse without reconverting
- Windows and Linux compatibility
- Rely on the great and fast evtx_dump Rust tool of Omer
- Evtx message resolutions from database

Note: evtx2splunk converts the EVTX to JSON and stores them in a temporary
place. Hence, up to the size of source EVTX can be created during the process.
These files are removed at the end of the process, except if keep_cache is
enabled.
