omerbenamram / evtx

A Fast (and safe) parser for the Windows XML Event Log (EVTX) format
Apache License 2.0

Output Tweaking #12

Closed devgc closed 5 years ago

devgc commented 5 years ago

Just a small feature request. Could you exclude the null chars in output? It breaks a lot of processing of the output.

Also, there seems to be a formatting issue with integer rendering when the hex value is 1 char: there is a space between 0x and the integer. I know they are small things, but it helps a lot when trying to serialize for ingestion or post processing.

omerbenamram commented 5 years ago

Will fix this today :)

omerbenamram commented 5 years ago

Should be fixed in #13. Thanks for letting me know of these small things :)

devgc commented 5 years ago

Another formatting request.

For binary blobs, can you make the output a hex string [Example: '000000000400000028C6AB67E9AA6AB4...']?

The list of ints is harder to post process. Example of current output (PartitionTable, MBR, etc.): [image]

omerbenamram commented 5 years ago

Added to #13. :)

omerbenamram commented 5 years ago

@devgc released in 0.1.8 patch :shipit: