JPCERTCC / LogonTracer

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Could not import the lzma module. #76

Closed eljeffeg closed 4 years ago

eljeffeg commented 4 years ago

I keep receiving this error when I try to import logs. I'm using the Docker instance of LogonTracer. Might be part of this issue https://github.com/pandas-dev/pandas/issues/27575

[+] Script start. 2020/04/22 20:03:42 
[+] Neo4j Kernel version: 3.2.3 
[+] Delete all nodes and relationships from this Neo4j database. 
[+] Delete cache folder /usr/local/src/LogonTracer/cache. 
[+] make cache folder /usr/local/src/LogonTracer/cache. 
[+] Time zone is -5. 
[+] Last record number is 3030666004. 
[+] Start parsing the EVTX file. 
[+] Parse the EVTX file /usr/local/src/LogonTracer/upload/0.evtx. 
[+] Now loading 100 records. 
[+] Now loading 200 records. 
...
[+] Now loading 5800 records. 
[+] Now loading 5900 records. 
[+] Now loading 6000 records.

/usr/local/lib/python3.7/site-packages/pandas/compat/__init__.py:117: UserWarning: Could not import the lzma module. Your installed Python is incomplete. Attempting to use lzma compression will result in a RuntimeError.
  warnings.warn(msg)
/usr/local/lib/python3.7/site-packages/statsmodels/tools/_testing.py:19: FutureWarning: pandas.util.testing is deprecated. Use the functions in the public API at pandas.testing instead.
  import pandas.util.testing as tm
Unexpected token encountered

shu-tom commented 4 years ago

This pandas warning message is due to importing the Python module changefinder. There is no way to improve this warning message, and it does not affect LogonTracer.

shu-tom commented 4 years ago

I updated the Dockerfile and fixed this issue. The latest Docker image can import the lzma module.