LogonTracer Docker cannot delete default event files. Is it possible to perform event initialization?

Docker cannot delete default event files. Is it possible to perform event initialization?

Open ViolinTiger opened this issue 1 year ago • 1 comments

Docker cannot delete default event files. Is it possible to perform event initialization? Dockerはデフォルトのイベントファイルを削除できません。イベントの初期化を行うことは可能ですか？

I was able to successfully import the event, but there are too many duplicates. Thank you very much, I appreciate it. イベントのインポートに成功しましたが、重複があまりにも多すぎます。大変ありがとうございます、感謝しています。

Mar 14 '23 07:03 ViolinTiger

Please disable "Add additional EVTX or XML files". Upload EVTX File

Python command with option --delete.

$ python3 logontracer.py --delete -e [EVTX File] -z [TIME Zone] -u neo4j -p password -s [Docker image IP Address]

Nov 13 '23 01:11 shu-tom

LogonTracer LogonTracer copied to clipboard

Docker cannot delete default event files. Is it possible to perform event initialization?

LogonTracer
LogonTracer copied to clipboard