Closed syunusic closed 3 years ago
Hi @syunusic, we are updating the minimum and recommended Python versions for this tool as Python 3.5 is now EOL. See PR https://github.com/sophos/Sophos-Central-SIEM-Integration/pull/49
Can you please try again with Python 3.6 or 3.7? Thanks
Traceback (most recent call last):
File "siem.py", line 20, in <module>
import state
File "/opt/Sophos-Central-SIEM-Integration/state.py", line 17, in <module>
from pathlib import Path
ImportError: No module named pathlib
I am also getting a similar error @syunusic are you able to get this error resolved.
@gauravm-optimus Looks like you're running python2 or an earlier version of python3. This hash-bang line in siem.py should almost certainly be changed from:
#!/usr/bin/env python
to
#!/usr/bin/env python3
Now that python2 is no longer supported because most people still have python as a link to python2 for historical reasons.
Ok, so I did a couple of things: First, I completed config.ini configuration according to https://support.sophos.com/support/s/article/KB-000036372?language=en_US. I did struggle a lot with the tenant-id part.. because I didn't know if my account was a partner one, or an organization one, or whatever. So I followed instructions from https://developer.sophos.com/getting-started and I always got an error (forbidden) when it comes to list the tenants. So, at the end I let tenant-id blank. I still have errors. So I did what @keely suggested, so I changed from "python" to "python3" (which pointed to 3.5 at that time), no luck. At the end I upgrade python3 to 3.7.9 as suggested @rkamat and that did the trick (after change all the "#!/usr/bin/env python3" to "#!/usr/bin/env python3.7" in api_client-py, congif.py, siem.py, state.py and test_regression.py). Now I'm receiving data as expected. PS: In the meantime, what I did, it was to use an old version of the script (v.1.1), and worked fine.
Indeed, the fact that python3 is in the path is no guarantee it's linking to the right version of Python (could be using the brew link command or Linux equivalents). Could do this:
import sys
REQUIRED_VERSION_MAJOR = 3
REQUIRED_VERSION_MINOR = 5
if not (sys.version_info.major == REQUIRED_VERSION_MAJOR and sys.version_info.minor >= REQUIRED_VERSION_MINOR):
print("Sophos SIEM requires Python %d.%d or higher!" % (REQUIRED_VERSION_MAJOR, REQUIRED_VERSION_MINOR))
print("You are using Python %d.%d." % (sys.version_info.major, sys.version_info.minor))
sys.exit(1)
It should spell out what's going on for users with more complex setups.
@keeely shouldn't be:
REQUIRED_VERSION_MINOR = 7
?
Readme currently says:
The script requires Python 3.5+ to run.
I was just going on that :).
Thanks @keeely, @syunusic, the PR has now been updated: https://github.com/sophos/Sophos-Central-SIEM-Integration/pull/49 with this suggestion.
I just clone the project, put API Access URL + Headers in config.ini and try to run siem.py, but I got this error:
I'm using python 3.5 in a Centos 7 box:
config.ini:
Where is my error?