search

magneticstain / Inquisition

An advanced and versatile open-source network anomaly detection platform
MIT License
8 stars 4 forks source link

Exception When Running Inquisition.py w/ Parser Set to Read Nonexistant Log File #132

Closed magneticstain closed 5 years ago

magneticstain commented 5 years ago 
FileNotFoundError: [Errno 2] No such file or directory: '/var/log/test.log'
Exception ignored in: <bound method Pygtail.__del__ of <pygtail.core.Pygtail object at 0x7f73793e6ef0>>
Traceback (most recent call last):
  File "/usr/local/lib/python3.5/dist-packages/pygtail/core.py", line 93, in __del__
    if self._filehandle():
  File "/usr/local/lib/python3.5/dist-packages/pygtail/core.py", line 175, in _filehandle
    self._fh = open(filename, "r", 1)
FileNotFoundError: [Errno 2] No such file or directory: '/var/log/test.log'
sysadmin@lhr1inquisition01:~$ sudo mysql inquisition -e "select * from Parsers where parser_log = '/var/log/test'\G"
*************************** 1. row ***************************
  parser_id: 1
parser_name: test_parser
 parser_log: /var/log/test
    created: 2018-11-17 15:54:08
    updated: 2018-11-17 15:54:08
     status: 1
sysadmin@lhr1inquisition01:~$ ls /var/log/test
ls: cannot access '/var/log/test': No such file or directory
sysadmin@lhr1inquisition01:~$
magneticstain commented 5 years ago

Fixed:

2018-11-18 04:30:48,707 [ ERROR ] [ lib.anatomize.Anatomize ] error reading parser file :: [ target file for parsing not found :: [ FILE: /var/log/nonexistant ] ]
2018-11-18 04:30:50,708 [ ERROR ] [ lib.anatomize.Anatomize ] error reading parser file :: [ target file for parsing not found :: [ FILE: /var/log/nonexistant ] ]