Comments (8)
molu8bits
commented on September 21, 2024
Make sure you use appropriate parameters for your log (e.g. json format of modsecurity version).
You can try to run on smaller subset of log. E.g. limit modsec_audit.log to first 2-5 log entries.
If the error is the same with smaller log file then anonymize the log (e.g replace IP address/domain name) and send it to me. Add also information about your modsecurity version and arguments you passed to the parser.
from modsecurity-parser.
itdeveloper50
commented on September 21, 2024
Thank you for your reply!
I tried to limit my modsec_audit.log - did not help. I have the same errors.
I use the PyCharm terminal on Windows 10.
If I write: .\modsecurity-parser.py -f modsec_audit6.log --> it
generates a .json file in the modsec_output folder. That is OK.
If I write: .\modsecurity-parser.py -f modsec_audit6.log -g picture -->
gives the same errors like in a screenshot which I sent.
I want to generate a picture of modsec audit.
Mod Security version: 2.9.5-1
Log file is attached.
Thank you very much in advance!
пт, 19 авг. 2022 г. в 13:24, Lucjan M ***@***.***>:
… Make sure you use appropriate parameters for your log (e.g. json format of
modsecurity version).
You can try to run on smaller subset of log. E.g. limit modsec_audit.log
to first 2-5 log entries.
If the error is the same with smaller log file then anonymize the log (e.g
replace IP address/domain name) and send it to me. Add also information
about your modsecurity version and arguments you passed to the parser.
—
Reply to this email directly, view it on GitHub
<#18 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AZLEW6C46TH75G3IXMCVD43VZ5ADBANCNFSM56PI5Y2A>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
from modsecurity-parser.
molu8bits
commented on September 21, 2024
Sorry for late reply but I haven't got any file and thought that problem was connected with the file.
I noticed that you used incorrect parameters.
Please use the following command with params:
python ./modsecurity-parser.py -f modsec_audit.log
When file is processed without errors then it should create a subfolder named "modsec_output". Inside of it there are 3 files:
- *.png with graph you look for
- *.xlsx file (second sheet also should have this graph
- *.json output
Please be noticed also that packages must be installed first with "pip install -r requirements.txt" . Please clone the latest commit as I've just updated it with the set of packages that should work with modsecurity-parser (they are quite old and were grabbed from Ubuntu18 but its possible to install them also with default python installation inside Ubuntu 20).
from modsecurity-parser.
itdeveloper50
commented on September 21, 2024
Hello, thanks for reply.
This time I tried it on Linux Ubuntu 20.04. Same error:
python3 ./modsecurity-parser.py -f modsec_audit.log
inputFileName : modsec_audit.log
---------- modsec_audit events processed: 294 ----------
---------- modsec_audit events skipped by INCLUDED/EXCLUDED options or INVALID : 0 ----------
Traceback (most recent call last):
File "./modsecurity-parser.py", line 689, in <module>
outputWithGraphs = modsecViewGraphs(modsec_entries)
File "./modsecurity-parser.py", line 360, in modsecViewGraphs
event_times = list(map(lambda x: datetime.strptime(x.replace('--','-'), LOG_TIMESTAMP_FORMAT).replace(tzinfo=None), event_times1))
File "./modsecurity-parser.py", line 360, in <lambda>
event_times = list(map(lambda x: datetime.strptime(x.replace('--','-'), LOG_TIMESTAMP_FORMAT).replace(tzinfo=None), event_times1))
File "/usr/lib/python3.8/_strptime.py", line 568, in _strptime_datetime
tt, fraction, gmtoff_fraction = _strptime(data_string, format)
File "/usr/lib/python3.8/_strptime.py", line 349, in _strptime
raise ValueError("time data %r does not match format %r" %
ValueError: time data '13/Aug/2022:00:06:11.341644 +0000' does not match format '%d/%b/%Y:%H:%M:%S %z'
root@nginks:/home/user15/modsecurity-parser#
from modsecurity-parser.
itdeveloper50
commented on September 21, 2024
Hello, thanks for reply.
This time I tried it on Linux Ubuntu 20.04. Same error:
python3 ./modsecurity-parser.py -f modsec_audit.log
inputFileName : modsec_audit.log
---------- modsec_audit events processed: 294 ----------
---------- modsec_audit events skipped by INCLUDED/EXCLUDED options or
INVALID : 0 ----------
Traceback (most recent call last):
File "./modsecurity-parser.py", line 689, in <module>
outputWithGraphs = modsecViewGraphs(modsec_entries)
File "./modsecurity-parser.py", line 360, in modsecViewGraphs
event_times = list(map(lambda x: datetime.strptime(x.replace('--','-'),
LOG_TIMESTAMP_FORMAT).replace(tzinfo=None), event_times1))
File "./modsecurity-parser.py", line 360, in <lambda>
event_times = list(map(lambda x: datetime.strptime(x.replace('--','-'),
LOG_TIMESTAMP_FORMAT).replace(tzinfo=None), event_times1))
File "/usr/lib/python3.8/_strptime.py", line 568, in _strptime_datetime
tt, fraction, gmtoff_fraction = _strptime(data_string, format)
File "/usr/lib/python3.8/_strptime.py", line 349, in _strptime
raise ValueError("time data %r does not match format %r" %
ValueError: time data '13/Aug/2022:00:06:11.341644 +0000' does not match
format '%d/%b/%Y:%H:%M:%S %z'
***@***.***:/home/user15/modsecurity-parser#
пн, 5 сент. 2022 г. в 01:04, Lucjan M ***@***.***>:
… Sorry for late reply but I haven't got any file and thought that problem
was connected with the file.
I noticed that you used incorrect parameters.
Please use the following command with params:
python ./modsecurity-parser.py -f modsec_audit.log
When file is processed without errors then it should create a subfolder
named "modsec_output". Inside of it there are 3 files:
1. *.png with graph you look for
2. *.xlsx file (second sheet also should have this graph
3. *.json output
Please be noticed also that packages must be installed first with "pip
install -r requirements.txt" . Please clone the latest commit as I've just
updated it with the set of packages that should work with
modsecurity-parser (they are quite old and were grabbed from Ubuntu18 but
its possible to install them also with default python installation inside
Ubuntu 20).
—
Reply to this email directly, view it on GitHub
<#18 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AZLEW6F62HAB35RZ3W4LYJTV4T6EFANCNFSM56PI5Y2A>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
from modsecurity-parser.
molu8bits
commented on September 21, 2024
Ahh, haven't noticed ValuError before.
Try to replace line from modsecurity_parser.py from:
LOG_TIMESTAMP_FORMAT = '%d/%b/%Y:%H:%M:%S %z'
to following one:
LOG_TIMESTAMP_FORMAT = '%d/%b/%Y:%H:%M:%S.%f %z'
from modsecurity-parser.
itdeveloper50
commented on September 21, 2024
Thank you very much!
Issue has been resolved!
After editing LOG_TIMESTAMP_FORMAT as you mentioned above, now it is working.
Thank you again!
from modsecurity-parser.
molu8bits
commented on September 21, 2024
Fixed with the latest 0.5.0 release
from modsecurity-parser.
Related Issues (20)
- Error TypeError: pie() got an unexpected keyword argument 'normalize' HOT 4
- No modsecurity events found in the specified file HOT 3
- ValueError: Single argument to subplot must be a three-digit integer, not AxesSubplot(0.125,0.420962;0.149038x0.148077) HOT 2
- IndexError: too many indices for array: array is 1-dimensional, but 2 were indexed HOT 1
- Png Graph not show rule id HOT 4
- Doesn't work with python 3.11 on Wondows 10/11 with matplotlib > 3.3
- LogParts Setting HOT 2
- File config.yaml.example for global settings
- in Detection only mode on hapee-2.4/libmodsecurity3 no rules are displayed in the report HOT 5
- IndexError: too many indices for array: array is 1-dimensional, but 2 were indexed HOT 5
- --version3 and libmodsecurity 3 parsing exceptions HOT 1
- ValueError: time data
- ValueError: Single argument to subplot must be a three-digit integer, not <Axes: > HOT 2
- Generate rsyslog/nxlog compatible paersed log file per minute to get a near real time view ? HOT 5
- incorrect HELP=Yes parameters
- plt.subplot(ax21) : Function is expecting a three-digit integer instead of an Axes object. HOT 3
- Time format HOT 3
- Json not vaild HOT 1
- MatplotlibDeprecationWarning using matplotlib 3.3.1 HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from modsecurity-parser.