Skip to content

Commit

Permalink
Merge pull request #46 from ZikyHD/catch_timestamp_error
Browse files Browse the repository at this point in the history 
Add timestamp try for rotten evtx files
  • Loading branch information
@wagga40
wagga40 authored Dec 7, 2022
2 parents 7ad3a2e + 67c4539 commit 76e7403
Showing 1 changed file with 9 additions and 5 deletions.
14 changes: 9 additions & 5 deletions zircolite.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -597,12 +597,16 @@ def flatten(x, name=""):
self.timeAfter != "1970-01-01T00:00:00"
or self.timeBefore != "9999-12-12T23:59:59"
) and (self.timeField in JSONLine):
timestamp = time.strptime(
JSONLine[self.timeField].split(".")[0].replace("Z", ""),
"%Y-%m-%dT%H:%M:%S",
)
if timestamp > self.timeAfter and timestamp < self.timeBefore:
try:
timestamp = time.strptime(
JSONLine[self.timeField].split(".")[0].replace("Z", ""),
"%Y-%m-%dT%H:%M:%S",
)
except:
JSONOutput.append(JSONLine)
else:
if timestamp > self.timeAfter and timestamp < self.timeBefore:
JSONOutput.append(JSONLine)
else:
JSONOutput.append(JSONLine)
JSONLine = {}
Expand Down

0 comments on commit 76e7403

Please sign in to comment.