Feature/parse empty pages

omerbenamram / evtx

A Fast (and safe) parser for the Windows XML Event Log (EVTX) format

Apache License 2.0

636 stars 61 forks source link

Feature/parse empty pages #189

Open forensicmatt opened 3 years ago

forensicmatt commented 3 years ago

Add functunality to parse empty chunk pages

forensicmatt commented 3 years ago

Ping @ohadravid or @omerbenamram

forensicmatt commented 2 years ago

Ping. @ohadravid @omerbenamram

forensicmatt commented 2 years ago

Any thoughts @ohadravid @omerbenamram? I added this as non-default option if that was a concern. This recovers a good amount of records. Also added tests for functionality.

omerbenamram commented 2 years ago

Hi @forensicmatt - I hope we could get to it in the following week or so. Just to see that it doesn't regress anything.

Appreciate that you've added tests :)

forensicmatt commented 2 years ago

ping