From 6f1d57219f035effbb34a374d6fbc8dd4c241418 Mon Sep 17 00:00:00 2001 From: Eric Conrad Date: Wed, 20 Sep 2017 10:30:24 -0400 Subject: [PATCH] Update README-DeepBlue.py.md --- README-DeepBlue.py.md | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/README-DeepBlue.py.md b/README-DeepBlue.py.md index d80e63c..4f3bf2e 100644 --- a/README-DeepBlue.py.md +++ b/README-DeepBlue.py.md @@ -1,2 +1,21 @@ -### DeepBlue.py +# DeepBlue.py +DeepBlueCLI, ported to Python. Designed for parsing evtx files on Unix/Linux. + +## libevtx + +Requires libevtx: https://github.com/libyal/libevtx + +## Other evtx frameworks + +Note that I tested a few Unix/Linux/Python evtx frameworks. + +This is quite popular: https://github.com/williballenthin/python-evtx + +I ran into trouble with *some* .evtx files, where it would crash with this error: + +``` +UnicodeDecodeError: 'utf16' codec can't decode bytes in position 0-1: illegal UTF-16 surrogate +``` + +I found libevtx 'just worked', and had the added benefit of both Python and compiled options.
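Review bot: the new `## libevtx` section states only a bare dependency URL; since the hunk adds no installation or usage instructions, the README should say how to install libevtx with its Python bindings (the "Python and compiled options" the last line mentions) and which of those DeepBlue.py actually uses, plus a one-line invocation example, otherwise a reader still cannot run the tool after reading this. Minor: the `## Other evtx frameworks` section reads as a personal note ("I ran into trouble with *some* .evtx files"); it would help to state which inputs triggered the `UnicodeDecodeError` so the claim is reproducible, or to frame it as a known limitation of python-evtx rather than an anecdote.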