evtx_dump.py command not found
Introduction
When you run the evtx_dump.py command in a Linux terminal or console, you get the following error message:
evtx_dump.py: command not found
Or, when using sudo, you get the following error message:
sudo: evtx_dump.py: command not found
Solutions to evtx_dump.py: command not found
How To Fix evtx_dump.py: command not found in Ubuntu / Debian / Kali Linux / Raspbian
In Ubuntu, evtx_dump.py is provided by the python3-evtx package.
python3-evtx is:
This module provides programmatic access to the File and Chunk headers, record templates, and event entries from Microsoft Windows Vista and later.
This package contains modules for Python 3.
To fix this problem, install python3-evtx using the command below.
sudo apt-get -y install python3-evtx
This command might take some time to finish, depending on your machine's internet connection.
You can also use the apt command to install python3-evtx.
sudo apt -y install python3-evtx
Or, if you have aptitude installed, you can use the following command.
sudo aptitude install python3-evtx
Summary
In this tutorial we learned how to fix the "evtx_dump.py: command not found" error in Ubuntu, Debian, Kali Linux or Raspbian.