imperva / incapsula-logs-downloader

A Python script for downloading log files from Incapsula
MIT License

Connected but not seeing files downloaded and ingested. #43

Closed charm-lor closed 2 years ago

charm-lor commented 2 years ago

I've set up the script per the readme instructions. The Settings.Config has proper info. While the logs_downloader.log shows the logdownloader connecting to Imperva, I don't see any logs in the IMPERVA_LOG_DIRECTORY as specified in the Settings.Config. Of course, while I've set up a files & directories monitor, I do not see any logs ingested. What am I missing?

    2022-02-24 14:42:39,888 INFO Successfully downloaded file from URL https://logs1.incapsula.com/8416_1745073/logs.index
    2022-02-24 14:42:39,889 INFO No last index found, will now scan the entire index...
    2022-02-24 14:42:39,890 INFO Marked file for download: 8416_179.log
    2022-02-24 14:42:39,890 INFO Marked file for download: 8416_180.log
    2022-02-24 14:42:39,890 INFO Marked file for download: 8416_181.log

charm-lor commented 2 years ago

The script was looking for a /etc/incapsula/logs/config/LastKnownDownloadedFileId.txt which contains the name of the last file downloaded. It didn't exist so I created one and put the name of a log as the last downloaded file which I got from the list that came back from running the following curl:

    curl -k -u "APIID:APIKEY" https://logs1.incapsula.com/"clientID"/logs.index

(Note: it does not like the .log in the LastKnownDownloadedFileId.txt file).

Running the script afterwards got me further but resulted in this error:

    Error -3 while decompressing data: incorrect header check
    Traceback (most recent call last)

charm-lor commented 2 years ago

I tried it with compressed logs and uncompressed logs but I'm still getting the same error. I inserted the following code to write the file being downloaded prior to decompression on line 300. The file appears to be encrypted but somehow, the logs are now ingesting without any errors. I've commented out the code and the script continues to work now. I don't know what the issue was.

    # tmp_file = open("/tmp/" + filename,"wb")
    # tmp_file.write(file_log_content)
    # tmp_file.close()
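
Added example, not part of the thread and not code from logs_downloader: `Error -3 while decompressing data: incorrect header check` is what zlib raises when the first two bytes of the input are not a valid zlib header, which is the result when a body that is still encrypted, or was never compressed, reaches `zlib.decompress()`. The sketch below classifies a payload before decompression; the function names, the entropy threshold and the sample bytes are assumptions constructed for the illustration.

```python
import hashlib
import math
import zlib
from collections import Counter

def looks_like_zlib(data: bytes) -> bool:
    """RFC 1950 header: CM=8 (deflate), window <= 32K, CMF/FLG multiple of 31."""
    if len(data) < 2:
        return False
    cmf, flg = data[0], data[1]
    return (cmf & 0x0F) == 8 and (cmf >> 4) <= 7 and ((cmf << 8) | flg) % 31 == 0

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8 mean compressed or encrypted content."""
    total = len(data)
    if total == 0:
        return 0.0
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def decompress_error(data: bytes) -> str:
    """Return zlib's error text for data, or "" if it decompresses cleanly."""
    try:
        zlib.decompress(data)
        return ""
    except zlib.error as exc:
        return str(exc)

def triage_payload(data: bytes) -> str:
    """Classify a downloaded log body before it reaches zlib.decompress()."""
    if looks_like_zlib(data) and not decompress_error(data):
        return "zlib"
    if data[:2] == b"\x1f\x8b":
        return "gzip"
    if shannon_entropy(data) > 7.0:  # heuristic threshold, an assumption
        return "opaque (possibly still encrypted)"
    return "plaintext"

# Constructed sample inputs (not real Imperva log data).
PLAIN = b"ts=2022-02-24T14:42:39Z src=192.0.2.10 action=block\n" * 40
COMPRESSED = zlib.compress(PLAIN)
# Deterministic high-entropy bytes standing in for ciphertext.
OPAQUE = b"\x00\x01" + b"".join(
    hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN), ("zlib", COMPRESSED), ("opaque", OPAQUE)):
        print(name, triage_payload(blob), decompress_error(blob) or "ok")
```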