search

jertel / dmarc2logstash

Injects POP3-polled DMARC feedback reports into Elasticsearch via Logstash and Filebeat.
MIT License
16 stars 4 forks source link

[Errno 1] Unknown host #13

Open restena-pyg opened 3 months ago

restena-pyg commented 3 months ago

Hi

If an IP address cannot resolved by socket.gethostbyaddr(ip) call, it throws an uncaught exception and the XML report is ignored: WARNING - Unable to parse attachment; name="<redacted>.xml"; reason="[Errno 1] Unknown host"

Such a change could fix the problem

def lookupHostFromIp(ip):
    host = ip
    try:
        hosts = socket.gethostbyaddr(ip)
        if len(hosts) > 0:
            host = hosts[0]
            segments = host.split('.')
            if len(segments) > 2:
                host = segments[-2] + "." + segments[-1]
    except socket.herror:
        pass
    except Exception as e:
        print(f"An error occurred: {e}")

    return host
jertel commented 3 months ago

Thanks. Would you like to submit a PR?

jertel commented 2 months ago

Resolved by #14.

@restena-pyg Please try the latest tag of this docker image and see if it's working as expected.