Appcomapt regular expression failed

[k-kumar-p]

I have some weird appcompat entries which are not being parsed (presumably due to missing backslashes in the path). Sample entries below

2017-11-27 06:45:55,238 Ingest.appcompat_mirregistryaudit WARNING appLoadProd-2 Entry regex failed for: 85 - 2002-10-25 16:48:48,N/A,SIGN.MEDIA=3D8EF autorun.exe,N/A,N/A 2017-11-27 06:45:55,241 Ingest.appcompat_mirregistryaudit WARNING appLoadProd-2 Entry regex failed for: 85 - 2017-01-26 10:18:37,N/A,SIGN.MEDIA=350A80 setup.exe,N/A,N/A

[mbevilacqua]

Hi Kumar! I see those regularly too. My best bet is they somehow track execution from some sort of installers but it's a wild guess based on context really. They're skipped so far as there is no community knowledge I could find as to what those are or what to make of them, as you can see they have no associated path to them. Until more research is done and someone figures out what those really are I feel it's safer to have them skipped and draw attention to the user as yourself in case the files names or context seem worth investigating. If someone figures this out lets re-open this issue and address this adequately.