search

domainaware / parsedmarc

A Python package and CLI for parsing aggregate and forensic DMARC reports
https://domainaware.github.io/parsedmarc/
Apache License 2.0
986 stars 214 forks source link

How to use (the CLI) #304

Open tmerten opened 2 years ago

tmerten commented 2 years ago

Hello everybody,

I am currently trying to get started with parsedmarc and I am having trouble understanding the workflow. I started with the CLI in a directory containing some dmarc reports like this

parsedmarc -c ~/.parsedmarc.ini --debug --aggregate-csv-filename ./aggregate.csv --forensic-csv-filename forensic.csv  *

and I was hoping to have some CSV files laying around (or some kind of report I leave out the --*csv-filename flags). Unfortunately, I see nothing.

My parsedmark.ini is rather straightforward

[general]
ip_db_path = /opt/homebrew/lib/python3.9/site-packages/parsedmarc/resources/dbip-country-lite.mmdb

That said, I think it would be super beneficial for the README.md to have a How To section with the most important use cases (e.g. How to use the CLI, How to setup email reports, maybe How to setup parsedmarc with Elasatic and Kibana). After I gained some understanding I am willing to do a PR but currently I am not sure if the behaviour described above is expeced (due to missing configuration or wrong usage) or an error.

bendem commented 1 year ago

I didn't quite understand how the cli works. Flags seem to conflict with each others and the config file. Adding or removing a flag can change the behavior wildly. My understanding is that you get all files or none by specifying -o directory. The --*filename flags possibly changes the name of the files in that output directory. I've seen hints that this changed because the internet tells me -o aggregate.csv is valid but it doesn't seem to work.