--lateral-all does not return correct output when mode set to JSON

[grants235]

There is an issue with the --lateral-all flag when used in conjunction with the --json flag. The results do not contain any of the eventId 4624 logon events. When using the hunt functionality, I am able to use the --lateral-all flag and can see a specific event log contains multiple logons at can be seen when the output is left to the default ascii tables. Then using the exact same command but adding the --json flag, the logons events are now not reported.

Please take a look into this. Thanks!

[fscc-alexkornitzer]

Hi @grants235,

This is a know issue with v1 and is not easy to fix due to the reasons listed in #59. For that reason this issue has been addressed in v2 and is currently available as an alpha (#77).