When the --evtx input including quotes the zircolite crush

wagga40 / Zircolite

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

671 stars 91 forks source link

Closed NofLevi closed 1 year ago

NofLevi commented 1 year ago

Examples: --evtx C:\"ExampleFolder"\ --evtx C:\Folder\"example".txt

wagga40 commented 1 year ago

Hi, thanks for the issue.

It is much more a command line issue and argument parsing than a Zircolite one, have you tried single quoting the path ?

--evtx 'YOUR_PATH_WITH_QUOTES'

NofLevi10root commented 1 year ago

Thank you for the quick comment. You can close the issue then.