Hi,
Anyone who has used the Incapsula API script that is available from "https://github.com/Incapsula/logs-downloader"
Have you had any issues getting it running, i'm not able to execute the script.
I've followed the instructions, installed the required packages but still no luck. I've validated that the default directories are there and accessible.
Traceback (most recent call last):
File "/incapsula_download/script/LogsDownloader.py", line 586, in
logsDownloader = LogsDownloader(path_to_config_folder, path_to_system_logs_folder, system_logs_level)
File "/incapsula_download/script/LogsDownloader.py", line 109, in init
os.makedirs(self.config.PROCESS_DIR)
File "/usr/lib64/python2.6/os.py", line 157, in makedirs
mkdir(name, mode)
OSError: [Errno 2] No such file or directory: ''
Any help would be great.
Regards
Rob
I'm having trouble understanding how to integrate the incapsula with Splunk.
How to use the logs-downloader script? Do I have to download and use splunk?
Thanks in advance.
James
Where do you have your PROCESS_DIR in Settings.Config?
I have mine going to
PROCESS_DIR=/tmp/processed/
Make sure that you are running it as a user with access to the directory. I created the directory since the script seems to have troubles creating directories for the python script to push to.
Good spot, missed that one completely.
I've executed the script now -
No handlers could be found for logger "logsDownloader"
script/LogsDownloader.py:130: DeprecationWarning: BaseException.message has been deprecated as of Python 2.6
self.logger.error("Failed to downloading index file and starting to download all the log files in it - %s, %s", e.message, traceback.format_exc())
Thats the current message, do I assume from this that it is doing something?
I run mine with.
sudo nohup /etc/incapsula/logs/config/LogsDownloader.py &
then I tail the nohup.out and see what it is currently doing.
it works fairly quick so if you look in your process dir you should see log files there to ingest into splunk.
Final bit, did you have to set up the keys to get it to work or can it work without?
I think all my config is not correct but i'm not seeing any logs.
I did change to keys but I have had the same config working without keys as well.
did you install M2Crypto and loggerglue?
What version of linux are you installing this on?
Hey, yes installed both packages are mentioned.
Running RHEL 6.8.
Still not seeing any logs the last line seen when executing the script is
self.logger.error("Failed to downloading index file and starting to download all the log files in it - %s, %s", e.message, traceback.format_exc())
Were you able to get the logs downloaded?