Open helge000 opened 2 months ago
I am getting this error on run: error decoding response body: invalid type: map, expected a sequence at line 1 column 0
error decoding response body: invalid type: map, expected a sequence at line 1 column 0
# ./OfficeAuditLogCollector -V office_audit_log_collector 2.5.0
# RUST_BACKTRACE=full ./OfficeAuditLogCollector --tenant-id ${MS_TENNANT_ID} --client-id ${MS_CLIENT_ID} --secret-key "${MS_SECRET_KEY}" --config config-csv.yaml [00:00:00.000] (7fb1a5265940) INFO Initializing collector. [00:00:00.000] (7fb1a5265940) INFO Logging in to Office Management API. [00:00:00.205] (7fb1a5265940) INFO Successfully logged in to Office Management API. [00:00:00.205] (7fb1a5265940) INFO Subscribing to audit feeds. [00:00:00.220] (7fb1a5265940) INFO Getting current audit feed subscriptions. [00:00:00.269] (7fb1a5265940) ERROR Could not start collector: error decoding response body: invalid type: map, expected a sequence at line 1 column 0 thread 'main' panicked at src/main.rs:38:17: Could not start collector: error decoding response body: invalid type: map, expected a sequence at line 1 column 0 stack backtrace: 0: 0x55bcb13d50d6 - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::h9c4bd387f9f3f544 1: 0x55bcb1402790 - core::fmt::write::h938c332fdab924eb 2: 0x55bcb13d107f - std::io::Write::write_fmt::h4a694b02e44e6363 3: 0x55bcb13d4eb4 - std::sys_common::backtrace::print::ha888e6736b0bc71f 4: 0x55bcb13d6587 - std::panicking::default_hook::{{closure}}::he19a7f79f7beab5e 5: 0x55bcb13d62e9 - std::panicking::default_hook::h67efe04e9a5d446e 6: 0x55bcb13d6a18 - std::panicking::rust_panic_with_hook::h49021cdbc4b22349 7: 0x55bcb13d68f2 - std::panicking::begin_panic_handler::{{closure}}::hfbf601f3d8c62d13 8: 0x55bcb13d55d6 - std::sys_common::backtrace::__rust_end_short_backtrace::h98dd020b6e913806 9: 0x55bcb13d6644 - rust_begin_unwind 10: 0x55bcb10938f5 - core::panicking::panic_fmt::h0d3f1893e38be419 11: 0x55bcb1175f35 - tokio::runtime::park::CachedParkThread::block_on::h6e8bc7ea2850705b 12: 0x55bcb1100b45 - tokio::runtime::runtime::Runtime::block_on::h7deb878531a93cbf 13: 0x55bcb1125e67 - office_audit_log_collector::main::h2a1d940d7769ef4f 14: 0x55bcb10f5273 - std::sys_common::backtrace::__rust_begin_short_backtrace::h7a034c3a8d0153b0 15: 0x55bcb115d309 - std::rt::lang_start::{{closure}}::ha8937cf3203a545b 16: 0x55bcb13ca2d1 - std::rt::lang_start_internal::hc3f700406209db2c 17: 0x55bcb1125f35 - main 18: 0x7fb1a4a29590 - __libc_start_call_main 19: 0x7fb1a4a29640 - __libc_start_main_alias_1 20: 0x55bcb1094145 - _start 21: 0x0 - <unknown>
The config I am using:
collect: skipKnownLogs: True workingDir: ./ maxThreads: 50 globalTimeout: 5 retries: 3 hoursToCollect: 168 contentTypes: Audit.General: True Audit.AzureActiveDirectory: True Audit.Exchange: True Audit.SharePoint: True DLP.All: True output: file: path: 'output.csv' separateByContentType: True separator: ';'
Not sure if you fixed this or not yet, but I had the same issue. Granting Admin Consent in the Security--->Permissions section of the app solved it for me, as per this article:
I am getting this error on run:
error decoding response body: invalid type: map, expected a sequence at line 1 column 0
The config I am using: