morpheus.parsers.windows_event_parser.WindowsEventParser
- class WindowsEventParser(interested_eventcodes=None)[source]
Bases:
morpheus.parsers.event_parser.EventParserThis is class parses windows event logs.
- Parameters
- interested_eventcodes: typing.Set[int]
Set of interested codes to parse
- Attributes
columnsList of columns that are being processed.
event_nameEvent name define type of logs that are being processed.
Methods
clean_raw_data(text)Lower casing and replacing escape characters. get_columns()Get columns of windows event codes. parse(text)Parses the Windows raw event. parse_raw_event(text, event_regex)Processes parsing of a specific type of raw event records received as a dataframe. - clean_raw_data(text)[source]
Lower casing and replacing escape characters.
- Parameters
- textSeriesType
Raw event log text to be clean
- Returns
- SeriesType
Clean raw event log text
- property columns
List of columns that are being processed.
- Returns
- set[str]
Event column names
- property event_name
Event name define type of logs that are being processed.
- Returns
- str
Event name
- get_columns()[source]
Get columns of windows event codes.
- Returns
- typing.Set[str]
Columns of all configured eventcodes, if no interested eventcodes specified.
- parse(text)[source]
Parses the Windows raw event.
- Parameters
- textSeriesType
Raw event log text to be parsed
- Returns
- DataFrameType
Parsed logs dataframe
- parse_raw_event(text, event_regex)[source]
Processes parsing of a specific type of raw event records received as a dataframe.
- Parameters
- textSeriesType
Raw event log text to be parsed.
- event_regex: typing.Dict[str, str]
Required regular expressions for a given event type.
- Returns
- DataFrameType
Parsed logs dataframe