AaronSeibert
commented
1 year ago Hello -
The encryption key must be provided by you, and be the same key uploaded to CloudWAF. The relevant lines that discuss this in the readme are:
In the keys subfolder, create a subfolder with a single digit name. This digit should specify whether this is the first encryption key uploaded (1), the second (2) or so on Inside that folder, save the private key with the name Private.key.
So, the first key you upload to CloudWAF would get added to /etc/incapsula/logs/config/keys/1/Private.key, the second key goes to keys/2/Private.key, and so on and so forth.
The Issue Summary Unable to decrypt the file, due to No such file or directory: '/etc/incapsula/logs/config/keys/2/Private.key'
Question Anyone can advise, where to get the private key. Thank you
2022-09-02 05:04:11,830 INFO LogsDownloader initializing is done 2022-09-02 05:04:11,834 INFO No last downloaded file is found - downloading index file and starting to download all the log files in it 2022-09-02 05:04:11,834 INFO Downloading logs index file... /usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py:1052: InsecureRequestWarning: Unverified HTTPS request is being made to host 'logs1.incapsula.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings InsecureRequestWarning, 2022-09-02 05:04:12,878 INFO Successfully downloaded file from URL https://logs1.incapsula.com/xxxxxxxxxxxx/logs.index 2022-09-02 05:04:12,887 INFO No last index found, will now scan the entire index... /usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py:1052: InsecureRequestWarning: Unverified HTTPS request is being made to host 'logs1.incapsula.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings InsecureRequestWarning, 2022-09-02 05:04:13,452 INFO Successfully downloaded file from URL https://logs1.incapsula.com/xxxxxxxxx/xxxxxxxxxxx.log 2022-09-02 05:04:13,456 WARNING Keys Dir: /etc/incapsula/logs/config/keys 2022-09-02 05:04:13,459 INFO Saving file 5054_418192.log locally to the 'fail' folder [Errno 2] No such file or directory: '/etc/incapsula/logs/config/keys/2/Private.key' Traceback (most recent call last): File "LogsDownloader.py", line 224, in handle_file decrypted_file = self.decrypt_file(result[1], logfile) File "LogsDownloader.py", line 327, in decrypt_file private_key = bytes(open(os.path.join(public_key_directory, "Private.key"), "r").read(), 'utf-8') FileNotFoundError: [Errno 2] No such file or directory: '/etc/incapsula/logs/config/keys/2/Private.key'
2022-09-02 05:04:13,459 ERROR Failed to downloading index file and starting to download all the log files in it - write() argument must be str, not bytes, Traceback (most recent call last): File "LogsDownloader.py", line 224, in handle_file decrypted_file = self.decrypt_file(result[1], logfile) File "LogsDownloader.py", line 327, in decrypt_file private_key = bytes(open(os.path.join(public_key_directory, "Private.key"), "r").read(), 'utf-8') FileNotFoundError: [Errno 2] No such file or directory: '/etc/incapsula/logs/config/keys/2/Private.key'
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "LogsDownloader.py", line 131, in get_log_files self.first_time_scan() File "LogsDownloader.py", line 200, in first_time_scan success = self.handle_file(log_file_name) File "LogsDownloader.py", line 237, in handle_file file.write(result[1]) TypeError: write() argument must be str, not bytes
2022-09-02 05:04:13,460 INFO Sleeping for 30 seconds before trying to fetch logs again...