Feature Request Cisco ASA Logfiles #4654
Comments
@Moneysac90 do you plan to work on this?
Yes, I am already trying, but I just don't understand how log2timeline (or psteal.py) calls the parsers. I followed the documentation and I executed the following command:
this results in an error every single time:
It would also be great to have some kind of development template. So anyone who wants to develop a new parser can start programming the logic rather than messing with the log2time architecture.
And this is not providing you sufficient information?
@joachimmetz Unfortunately not. I followed the documentation and created the parser (cisco_asa.py). The location is How do I call log2timeline.py to specify my own parser?
without the code hard for me to tell, do you have a WIP branch somewhere?
I just forked the repository and added the changed files. Please see:
to double check you are running with the edited version as your main log2timeline module?
Looks like you have a rogue incorrect import in your
Some more issues in the code:
Looks like you're registering the event data object as a text parser plugin in Moneysac90@a95e721#diff-8faecfb4fbda4f18715f4649930bf2f42291b1633446038fa33fb420ae4bdb72R308
After making those changes
Okay, thanks for pointing out the issues. Unfortunately, I encounter the next issue:
How can I call my parser (
@Moneysac90 were you planning to submit your changes as a PR?
Currently Cisco ASA Logfiles cannot be processed. See example file attached.
cisco_ASA_example.log