Closed LMarly closed 3 months ago
I don't know how to cr4eate the xml file, but it should work if you put an email with the xml file attached in the inboix folder
Did you get some log in the container when the email are analyse ?
sorry, I never checked that because it worked instantly for me and everything was in kibana
Do you think that can come from kibana, I have this log :
2024-07-24 09:44:24 parsedmarc-kibana | [2024-07-24T09:44:24.228+02:00][INFO ][plugins.fleet] Fleet Usage: {"agents_enabled":true,"agents":{"total_enrolled":0,"healthy":0,"unhealthy":0,"offline":0,"inactive":0,"unenrolled":0,"total_all_statuses":0,"updating":0},"fleet_server":{"total_all_statuses":0,"total_enrolled":0,"healthy":0,"unhealthy":0,"offline":0,"updating":0,"inactive":0,"unenrolled":0,"num_host_urls":0},"license_issued_to":"parsedmarc"}
2024-07-24 09:59:18 parsedmarc-kibana | [2024-07-24T09:59:18.287+02:00][INFO ][plugins.fleet] Running Fleet Usage telemetry send task
2024-07-24 09:59:27 parsedmarc-kibana | [2024-07-24T09:59:27.236+02:00][INFO ][plugins.fleet] Fleet Usage: {"agents_enabled":true,"agents":{"total_enrolled":0,"healthy":0,"unhealthy":0,"offline":0,"inactive":0,"unenrolled":0,"total_all_statuses":0,"updating":0},"fleet_server":{"total_all_statuses":0,"total_enrolled":0,"healthy":0,"unhealthy":0,"offline":0,"updating":0,"inactive":0,"unenrolled":0,"num_host_urls":0},"license_issued_to":"parsedmarc"}
yes that is kibana
Yes, I know that come from kibana but do you think that this can be a blocking point ? That just [INFO] log but we never know
I think not
Ok, thank you I add the email in the dmarc record, I will see if that change something
So I put delete in false in the config.ini file and now the report send from my domain are well interpreted That all work well for the moment
Thank you
Hello,
I have finally finish to solve all the error. All the docker container are in green. But now I would like to send some test email to see if it's work well before putting the email address in the RUA.
How can I send manually some report ? I try to send to .xml and .txt file with fake information in it but the email just disappears after few second. When I send a .zip file with .xml in it, that just put the email in the folder Archive --> Invalid (it's done that just one time and now it's not working anymore).
Do you know if we have a template to respect for the email, like a specific word in the subject or the body of the mail.
Also, this is the .xml file that I put in the zip, maybe the problem come from him :
In the docker logs, I have nothing who appears, the last log I have is a elastic connection error on parsedmarc container so I do a curl to verify and the connection is good now, so I don't really understand where the problem come from
I just have a log for kibana but not sure it's related :
Thank you for your help