The Magnet Forensics team developed an API for both Python and XML to add support for creating custom artifacts within Axiom. The Python API, at of the writing of this book, is only available through IronPython running Python version 2.7. While we have developed our code outside of this platform, we can easily integrate it into Axiom following the steps laid out in this recipe. We used Axiom version 1.1.3.5726 to test and develop this recipe.

We first need to install Axiom in a Windows instance and ensure that our code is stable and portable. Additionally, our code needs to be sandbox friendly. The Axiom sandbox limits the use of third-party libraries and access to some Python modules and functions that could cause code to interact with the system outside of the application. For this reason, we designed our daily.out parser to only use built-in libraries that are safe in the sandbox to demonstrate the ease of develop with these custom artifacts.