Error when importing evtx file #120
It seems to have been abnormally withdrawn. Could you help me? Thank you very much
What kind of event log did you upload to LogonTracer? The log file (XML or EVTX) must include the following Event IDs.
Can I upload and parse Security.evtx of a Windows computer not connected to Active Directory?
Hi, I have another problem with importing evtx, post log:

python3 logontracer.py -e sample/Security.evtx -z +1 -u neo4j -p Polposta -s localhost
[+] Script start. 2023/04/19 07:43:25
[+] Neo4j Kernel 5.6.0 (Enterprise)
[+] Time zone is 1.
[+] Last record number is 62031.
[+] Start parsing the EVTX file.
[+] Parse the EVTX file sample/Security.evtx.
[+] Now loading 2500 records.
Traceback (most recent call last):
  File "/home/postale/LogonTracer/logontracer.py", line 2883, in <module>
    main()
  File "/home/postale/LogonTracer/logontracer.py", line 2867, in main
    parse_evtx(args.evtx, case)
  File "/home/postale/LogonTracer/logontracer.py", line 1962, in parse_evtx
    event_set = event_set.append(event_series, ignore_index=True)
  File "/usr/local/lib/python3.10/dist-packages/pandas/core/generic.py", line 5989, in __getattr__
    return object.__getattribute__(self, name)
AttributeError: 'DataFrame' object has no attribute 'append'. Did you mean: '_append'?
Hello, the error is linked to the deprecation of the append method and its removal in 2.0, see: Changing the logontracer.py script as in the attached patch seems to work, but is not recommended as it uses a private function which might break in the future. We tried using concat as an in-place replacement, but the script fails further in the creation of ps:
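Added example (not code from this thread or from LogonTracer): one way to express the `event_set.append(event_series, ignore_index=True)` call from the traceback with public pandas 2.x API. The column names and sample records are constructed for illustration; the point shown is that a `Series` has to become a one-row frame before `pd.concat`, otherwise it is stacked as a column.

```python
import pandas as pd

# Assumed column names for illustration; logontracer.py defines its own.
COLUMNS = ["eventid", "ipaddress", "username", "logintype"]


def append_row(event_set, event_series):
    """Public-API equivalent of event_set.append(event_series, ignore_index=True)."""
    # to_frame().T turns the Series into a one-row DataFrame whose columns
    # are the Series index, so concat adds it as a row.
    row = event_series.to_frame().T
    return pd.concat([event_set, row], ignore_index=True)


def naive_concat(event_set, event_series):
    """Drop-in swap of append for concat: runs, but gives the wrong shape."""
    # A bare Series is treated as a single column, so each field of the
    # event becomes its own row under a new column.
    return pd.concat([event_set, event_series], ignore_index=True)


def build_event_set(records):
    """Collect rows in a list and build the frame once (no per-row copy)."""
    return pd.DataFrame(records, columns=COLUMNS)


# Constructed sample records (not taken from a real event log).
SAMPLE = [
    [4624, "192.0.2.10", "alice", 3],
    [4625, "192.0.2.11", "bob", 3],
]


def demo():
    event_set = pd.DataFrame(columns=COLUMNS)
    for rec in SAMPLE:
        event_set = append_row(event_set, pd.Series(rec, index=COLUMNS))
    wrong = naive_concat(event_set, pd.Series(SAMPLE[0], index=COLUMNS))
    return event_set, wrong, build_event_set(SAMPLE)


if __name__ == "__main__":
    good, wrong, bulk = demo()
    print(good.shape, wrong.shape, bulk.shape)
```

For a parser that handles tens of thousands of records, `build_event_set` is the cheaper pattern, since every per-row `concat` copies the whole frame.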
Same issue #135
2022-04-01 10:21:51,526 INFO supervisord started with pid 7
2022-04-01 10:21:52,528 INFO spawned: 'logontracer' with pid 111
2022-04-01 10:21:52,530 INFO spawned: 'neo4j' with pid 112
2022-04-01 10:21:54,060 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 10:21:54,060 INFO success: neo4j entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 10:21:55,828 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 10:21:56,665 INFO spawned: 'logontracer' with pid 246
2022-04-01 10:21:57,666 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 10:21:58,718 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 10:21:59,515 INFO spawned: 'logontracer' with pid 366
2022-04-01 10:22:00,516 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 10:37:10,527 WARN received SIGTERM indicating exit request
2022-04-01 10:37:10,527 INFO waiting for logontracer, neo4j to die
2022-04-01 10:37:13,532 INFO waiting for logontracer, neo4j to die
2022-04-01 10:37:15,702 INFO stopped: neo4j (exit status 0)
2022-04-01 10:37:16,703 INFO stopped: logontracer (terminated by SIGTERM)
2022-04-01 10:37:18,001 INFO supervisord started with pid 7
2022-04-01 10:37:19,003 INFO spawned: 'logontracer' with pid 111
2022-04-01 10:37:19,004 INFO spawned: 'neo4j' with pid 112
2022-04-01 10:37:20,197 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 10:37:20,197 INFO success: neo4j entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 10:37:21,027 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 10:37:21,059 INFO spawned: 'logontracer' with pid 240
2022-04-01 10:37:22,060 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 10:37:22,856 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 10:37:23,137 INFO spawned: 'logontracer' with pid 256
2022-04-01 10:37:24,139 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 10:37:24,906 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 10:37:25,562 INFO spawned: 'logontracer' with pid 289
2022-04-01 10:37:26,563 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:22:55,654 WARN received SIGTERM indicating exit request
2022-04-01 13:22:55,654 INFO waiting for logontracer, neo4j to die
2022-04-01 13:22:58,659 INFO waiting for logontracer, neo4j to die
2022-04-01 13:23:00,809 INFO stopped: neo4j (exit status 0)
2022-04-01 13:23:01,810 INFO stopped: logontracer (terminated by SIGTERM)
2022-04-01 13:23:02,461 INFO supervisord started with pid 8
2022-04-01 13:23:03,463 INFO spawned: 'logontracer' with pid 112
2022-04-01 13:23:03,465 INFO spawned: 'neo4j' with pid 113
2022-04-01 13:23:04,628 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:23:04,628 INFO success: neo4j entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:23:05,879 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 13:23:06,881 INFO spawned: 'logontracer' with pid 249
2022-04-01 13:23:08,410 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:23:08,650 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 13:23:08,712 INFO spawned: 'logontracer' with pid 272
2022-04-01 13:23:09,955 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:39:31,926 WARN received SIGTERM indicating exit request
2022-04-01 13:39:31,926 INFO waiting for logontracer, neo4j to die
2022-04-01 13:39:34,931 INFO waiting for logontracer, neo4j to die
2022-04-01 13:39:37,066 INFO stopped: neo4j (exit status 0)
2022-04-01 13:39:38,068 INFO stopped: logontracer (terminated by SIGTERM)
2022-04-01 13:39:38,742 INFO supervisord started with pid 7
2022-04-01 13:39:39,745 INFO spawned: 'logontracer' with pid 111
2022-04-01 13:39:39,747 INFO spawned: 'neo4j' with pid 112
2022-04-01 13:39:40,906 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:39:40,906 INFO success: neo4j entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:39:41,613 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 13:39:41,834 INFO spawned: 'logontracer' with pid 241
2022-04-01 13:39:42,835 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:39:43,854 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 13:39:44,046 INFO spawned: 'logontracer' with pid 256
2022-04-01 13:39:45,048 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-04-01 13:39:45,924 INFO exited: logontracer (exit status 1; not expected)
2022-04-01 13:39:46,558 INFO spawned: 'logontracer' with pid 293
2022-04-01 13:39:47,560 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)