devgc / EventMonkey

A Windows Event Processing Utility
Apache License 2.0

Unicode Insert Issue #13

Closed devgc closed 7 years ago

devgc commented 7 years ago

Lots of these errors in dbhandler.log

DbHandler|ERROR|DbHandler|InsertFromListOfDicts|126|[ERROR] You must not use 8-bit bytestrings unless you use a text_factory that can interpret 8-bit bytestrings (like text_factory = str). It is highly recommended that you instead just switch your application to Unicode strings.
[SQL] INSERT OR IGNORE INTO winevent (we_hash_id, we_index, we_source, we_jrec, we_tags, we_description, eventfile_type, computer_name, event_category, event_identifier, event_identifier_qualifiers, event_level, identifier, offset, source_name, strings, user_security_identifier, creation_time, written_time, xml_string, data, recovered) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)
[ROW] {'xml_string': '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">\n  <System>\n    <Provider Name="Microsoft-Windows-ApplicationResourceManagementSystem" Guid="{770CA594-B467-4811-B355-28F5E5706987}"/>\n    <EventID>341</EventID>\n    <Version>0</Version>\n    <Level>2</Level>\n    <Task>2013</Task>\n    <Opcode>0</Opcode>\n    <Keywords>0x4000000000000000</Keywords>\n    <TimeCreated SystemTime="2013-10-16T13:28:15.471292300Z"/>\n    <EventRecordID>1318</EventRecordID>\n    <Correlation/>\n    <Execution ProcessID="4756" ThreadID="936"/>\n    <Channel>Microsoft-Windows-ApplicationResourceManagementSystem/Operational</Channel>\n    <Computer>Bifrost</Computer>\n    <Security UserID="S-1-5-21-718126207-1171771683-1750804747-1001"/>\n  </System>\n  <EventData>\n    <Data Name="String1">Windows::ApplicationModel::Resources::Core::_GetApplicationLanguageHandle</Data>\n    <Data Name="String2">GetAppContainerRegistryHandleFromName failed</Data>\n    <Data Name="String3">\xef\xba\xb0\xe5\xa1\xa2\xc2\x9e</Data>\n    <Data Name="HResult">-458754</Data>\n  </EventData>\n</Event>\n', 'we_jrec': '{"EventData": {"Data": [{"#text": "Windows::ApplicationModel::Resources::Core::_GetApplicationLanguageHandle", "Name": "String1"}, {"#text": "GetAppContainerRegistryHandleFromName failed", "Name": "String2"}, {"#text": "\\ufeb0\\u5862\\u009e", "Name": "String3"}, {"#text": "-458754", "Name": "HResult"}]}, "xmlns": "http://schemas.microsoft.com/win/2004/08/events/event", "System": {"EventID": {"#text": "341"}, "Task": {"#text": "2013"}, "TimeCreated": {"SystemTime": "2013-10-16T13:28:15.471292300Z"}, "Level": {"#text": "2"}, "Correlation": {}, "Version": {"#text": "0"}, "Opcode": {"#text": "0"}, "EventRecordID": {"#text": "1318"}, "Provider": {"Guid": "{770CA594-B467-4811-B355-28F5E5706987}", "Name": "Microsoft-Windows-ApplicationResourceManagementSystem"}, "Keywords": {"#text": "0x4000000000000000"}, "Security": {"UserID": 
"S-1-5-21-718126207-1171771683-1750804747-1001"}, "Execution": {"ProcessID": "4756", "ThreadID": "936"}, "Computer": {"#text": "Bifrost"}, "Channel": {"#text": "Microsoft-Windows-ApplicationResourceManagementSystem/Operational"}}}', 'we_description': None, 'we_recovered': False, 'creation_time': None, 'we_tags': 'None', 'computer_name': u'Bifrost', 'source_name': u'Microsoft-Windows-ApplicationResourceManagementSystem', 'offset': 0L, 'event_level': 2, 'data': None, 'we_hash_id': 'f09d22169876c35b0ab5fe99906df6b5', 'event_identifier_qualifiers': 0L, 'eventfile_type': 'evtx', 'we_index': 43, 'user_security_identifier': u'S-1-5-21-718126207-1171771683-1750804747-1001', 'event_category': None, 'we_source': u'D:\\developement\\python\\EventMonkey\\testfiles\\sans408\\Microsoft-Windows-ApplicationResourceManagementSystem%4Operational.evtx', 'event_identifier': 341L, 'identifier': 1318L, 'strings': u"[u'Windows::ApplicationModel::Resources::Core::_GetApplicationLanguageHandle', u'GetAppContainerRegistryHandleFromName failed', u'\\ufeb0\\u5862\\x9e', u'-458754']", 'recovered': 0, 'written_time': datetime.datetime(2013, 10, 16, 13, 28, 15, 471292)}
devgc commented 7 years ago

fixed - commit
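
An added example, not EventMonkey's code and not the fix in the referenced commit: the message in the log is what Python 2's sqlite3 module raises when a `str` parameter contains non-ASCII bytes, and decoding such values to text before binding avoids it. It is written for Python 3, where the same bytes would instead be stored as a BLOB; `normalize_row`, `insert_row`, `stored_type` and the three-column table are hypothetical.

```python
import sqlite3

# Constructed sample row modelled on the [ROW] dump in the log: xml_string is
# a UTF-8 byte string, the other values are already text.
SAMPLE_ROW = {
    "we_hash_id": "f09d22169876c35b0ab5fe99906df6b5",
    "computer_name": "Bifrost",
    "xml_string": b'<Data Name="String3">\xef\xba\xb0\xe5\xa1\xa2\xc2\x9e</Data>',
}


def normalize_row(row, encoding="utf-8"):
    """Return a copy of row with every bytes value decoded to text.

    Undecodable bytes become U+FFFD instead of raising, so a single
    malformed event string does not stop the record from being stored.
    """
    out = {}
    for key, value in row.items():
        if isinstance(value, (bytes, bytearray)):
            value = bytes(value).decode(encoding, errors="replace")
        out[key] = value
    return out


def insert_row(conn, table, row):
    """Insert one dict row; values are bound, never formatted into the SQL."""
    cols = sorted(row)
    # Identifiers cannot be bound, so accept only plain names for them.
    if not all(name.isidentifier() for name in cols + [table]):
        raise ValueError("unexpected table or column name")
    sql = "INSERT OR IGNORE INTO {} ({}) VALUES ({})".format(
        table, ", ".join(cols), ", ".join(":" + c for c in cols))
    conn.execute(sql, row)


def stored_type(row):
    """Insert row into a scratch table and report how SQLite stored xml_string."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE winevent (we_hash_id TEXT PRIMARY KEY, "
                 "computer_name TEXT, xml_string TEXT)")
    insert_row(conn, "winevent", row)
    return conn.execute("SELECT typeof(xml_string) FROM winevent").fetchone()[0]


if __name__ == "__main__":
    print(stored_type(SAMPLE_ROW), stored_type(normalize_row(SAMPLE_ROW)))
```

The decoded text matches the `\ufeb0\u5862\u009e` escapes that the same record shows in its `we_jrec` field.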