Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bug] JSONL Output doesn't always contain a JSON object in the Details key #1386

Closed
xathon opened this issue Jul 16, 2024 · 0 comments · Fixed by #1390
Closed

[bug] JSONL Output doesn't always contain a JSON object in the Details key #1386

xathon opened this issue Jul 16, 2024 · 0 comments · Fixed by #1390
Assignees
@hitenkoku
Labels
invalid This doesn't seem right
Milestone
v2.17.0

Comments

@xathon
Copy link

xathon commented Jul 16, 2024

Describe the bug
The JSONL Output doesn't always contain a JSON object in the Details key. If it's empty, it will contain the string "-". This makes it hard to parse the output with tools that expect a JSON there.

Step to Reproduce
Run Hayabusa like this: hayabusa-2.16.0-lin-gnu json-timeline -d '/image/Windows/System32/winevt/Logs/' -L -o '/tmp/hayabusa-test.jsonl' and look at the output

Expected behavior
Events that don't generate any details should have a Details key with the value { }.

Screenshots
image
(taken from an older version of Hayabusa, but the problem stands)

Environment:

  • OS: Linux
  • hayabusa version: 2.16.0

Additional context
@xathon xathon added the bug Something isn't working label Jul 16, 2024
@hitenkoku hitenkoku self-assigned this Jul 17, 2024
@YamatoSecurity YamatoSecurity added this to the v2.17.0 milestone Jul 19, 2024
@hitenkoku hitenkoku added invalid This doesn't seem right and removed bug Something isn't working labels Jul 25, 2024
hitenkoku added a commit that referenced this issue Jul 25, 2024
@hitenkoku
fix(afterfact): modified output format from "-" str to empty Dict in …
a476526 
…Details #1386
@hitenkoku hitenkoku linked a pull request Jul 25, 2024 that will close this issue
fix(afterfact): modified output format from "-" str to empty Dict in … #1390
Merged
hitenkoku added a commit that referenced this issue Jul 27, 2024
@hitenkoku
fix(profile): fixed no exist error when config folder was no exist #1386
0386909
hitenkoku added a commit that referenced this issue Jul 27, 2024
@hitenkoku
feat(main): added message in no config folder of set-default-profile #…
0166429 
…1386
hitenkoku added a commit that referenced this issue Aug 11, 2024
@hitenkoku
feat(afterfact): fixed output format to JSON object when value in the…
7b72934 
… Details key is empty #1386
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hitenkoku hitenkoku

Labels
invalid This doesn't seem right
Projects
None yet
Milestone
v2.17.0
Development

Successfully merging a pull request may close this issue.

fix(afterfact): modified output format from "-" str to empty Dict in … Yamato-Security/hayabusa
3 participants
@hitenkoku @xathon @YamatoSecurity