Comments (8)
Make sure you use appropriate parameters for your log (e.g. json format or modsecurity version).
You can try to run it on a smaller subset of the log, e.g. limit modsec_audit.log to the first 2-5 log entries.
If the error is the same with the smaller log file, then anonymize the log (e.g. replace IP address/domain name) and send it to me. Also add information about your modsecurity version and the arguments you passed to the parser.
from modsecurity-parser.
Sorry for the late reply, but I haven't got any file and thought that the problem was connected with the file.
I noticed that you used incorrect parameters.
Please use the following command with params:
python ./modsecurity-parser.py -f modsec_audit.log
When the file is processed without errors, it should create a subfolder named "modsec_output". Inside it there are 3 files:
- *.png with the graph you are looking for
- *.xlsx file (the second sheet should also have this graph)
- *.json output
Please also note that the packages must be installed first with "pip install -r requirements.txt". Please clone the latest commit, as I've just updated it with the set of packages that should work with modsecurity-parser (they are quite old and were grabbed from Ubuntu18, but it's possible to install them also with the default python installation inside Ubuntu 20).
Hello, thanks for the reply.
This time I tried it on Linux Ubuntu 20.04. Same error:
python3 ./modsecurity-parser.py -f modsec_audit.log
inputFileName : modsec_audit.log
---------- modsec_audit events processed: 294 ----------
---------- modsec_audit events skipped by INCLUDED/EXCLUDED options or INVALID : 0 ----------
Traceback (most recent call last):
File "./modsecurity-parser.py", line 689, in <module>
outputWithGraphs = modsecViewGraphs(modsec_entries)
File "./modsecurity-parser.py", line 360, in modsecViewGraphs
event_times = list(map(lambda x: datetime.strptime(x.replace('--','-'), LOG_TIMESTAMP_FORMAT).replace(tzinfo=None), event_times1))
File "./modsecurity-parser.py", line 360, in <lambda>
event_times = list(map(lambda x: datetime.strptime(x.replace('--','-'), LOG_TIMESTAMP_FORMAT).replace(tzinfo=None), event_times1))
File "/usr/lib/python3.8/_strptime.py", line 568, in _strptime_datetime
tt, fraction, gmtoff_fraction = _strptime(data_string, format)
File "/usr/lib/python3.8/_strptime.py", line 349, in _strptime
raise ValueError("time data %r does not match format %r" %
ValueError: time data '13/Aug/2022:00:06:11.341644 +0000' does not match format '%d/%b/%Y:%H:%M:%S %z'
root@nginks:/home/user15/modsecurity-parser#
Ahh, I hadn't noticed the ValueError before.
Try to replace the line in modsecurity_parser.py from:
LOG_TIMESTAMP_FORMAT = '%d/%b/%Y:%H:%M:%S %z'
to the following one:
LOG_TIMESTAMP_FORMAT = '%d/%b/%Y:%H:%M:%S.%f %z'
Thank you very much!
Issue has been resolved!
After editing LOG_TIMESTAMP_FORMAT as you mentioned above, now it is working.
Thank you again!
Fixed with the latest 0.5.0 release
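For logs that mix both timestamp layouts seen in this thread, a tolerant parser can try each format and collect the values it cannot read instead of aborting the whole run. This is an added example, not part of the original thread and not modsecurity-parser's own code; the names `TIMESTAMP_FORMATS`, `parse_audit_timestamp`, `parse_event_times` and `SAMPLE` are hypothetical.

```python
from datetime import datetime

# Both layouts appear in this thread: the parser's original constant and the
# one that fixed the reporter's log (fractional seconds before the offset).
TIMESTAMP_FORMATS = (
    "%d/%b/%Y:%H:%M:%S.%f %z",
    "%d/%b/%Y:%H:%M:%S %z",
)


def parse_audit_timestamp(raw):
    """Return a naive datetime for one audit-log timestamp, or None."""
    # Same normalisation as the line shown in the traceback:
    # replace '--' with '-' before parsing.
    cleaned = raw.strip().replace("--", "-")
    for fmt in TIMESTAMP_FORMATS:
        try:
            # Like the traceback line, drop the offset after parsing.
            return datetime.strptime(cleaned, fmt).replace(tzinfo=None)
        except ValueError:
            continue
    return None


def parse_event_times(raw_times):
    """Split timestamps into parsed values and rejects instead of raising."""
    parsed, rejected = [], []
    for raw in raw_times:
        value = parse_audit_timestamp(raw)
        if value is None:
            rejected.append(raw)
        else:
            parsed.append(value)
    return parsed, rejected


# Constructed sample input: the first value is the one from the traceback,
# the others are made up to exercise each branch.
SAMPLE = [
    "13/Aug/2022:00:06:11.341644 +0000",
    "13/Aug/2022:00:06:12 +0000",
    "13/Aug/2022:00:06:13 --0700",
    "2022-08-13T00:06:14Z",
]

if __name__ == "__main__":
    ok, bad = parse_event_times(SAMPLE)
    print(len(ok), "parsed;", len(bad), "rejected:", bad)
```

Reporting the rejected values makes a format mismatch visible as a count of unparsed events rather than a crash after all events were already processed.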