From 3e1c4a2942bb114b396fdd65f5eb5f3afa3afa96 Mon Sep 17 00:00:00 2001
From: ichiichi11 <takai.wa.hajime@gmail.com>
Date: Thu, 25 Feb 2021 23:04:12 +0900
Subject: [PATCH] fix issue#57

---
 src/detections/detection.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/detections/detection.rs b/src/detections/detection.rs
index d67eb96c..7cf59828 100644
--- a/src/detections/detection.rs
+++ b/src/detections/detection.rs
@@ -5,7 +5,7 @@ use crate::detections::rule;
 use crate::detections::rule::RuleNode;
 use crate::yaml::ParseYaml;
 use evtx::err;
-use evtx::{EvtxParser, SerializedEvtxRecord};
+use evtx::{EvtxParser, SerializedEvtxRecord, ParserSettings};
 use serde_json::{Error, Value};
 use std::path::PathBuf;
 
@@ -66,6 +66,9 @@ impl Detection {
                 }
             })
             .map(|mut cur| {
+                let mut parse_config = ParserSettings::default();
+                parse_config = parse_config.separate_json_attributes(true);
+                cur = cur.with_configuration(parse_config);
                 let ret: Vec<err::Result<SerializedEvtxRecord<String>>> =
                     cur.records_json().collect();
                 return ret;