2
responses
responses
Hello for, windows events proceed in JSON but some fields like "CommandLine", "TaskContent", "EventData" e.t.c arrives with XML escaping character, like
< is <
> is >
& is &
" is "
Is it possible to disable escaping globally?
Or the only option to solve the problem is using unescape_xml function for every field like:
$CommandLine = unescape_xml($CommandLine);
$TaskContent = unescape_xml($TaskContent);
Comments (1)
So this is my config, as you can see I need to unescape every variable
or xml escaping symols in windows event
Example Arguments in TaskContent EventID=4698
Config: