We are trying to integrate Cloud WAF logs with SIEM solution ArcSight
While running python script available on GITHub getting below error. Please assist.
GITHub URL -
https://github.com/imperva/incapsula-logs-downloader [root@localhost processed]# python3 /home/mtech/Documents/SIEM/incapsula-logs-downloader-master/script/LogsDownloader.py -c /home/mtech/Documents/SIEM/incapsula-logs-downloader-master/config/
2022-12-21 23:50:39,869 ERROR Exception while getting LogsDownloader config file - Could Not find Configuration file - Traceback (most recent call last):
File "/usr/lib64/python3.6/configparser.py", line 789, in get
value = d[option]
File "/usr/lib64/python3.6/collections/__init__.py", line 883, in __getitem__
return self.__missing__(key) # support subclasses that define __missing__
File "/usr/lib64/python3.6/collections/__init__.py", line 875, in __missing__
raise KeyError(key)
KeyError: 'syslog_proto'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/mtech/Documents/SIEM/incapsula-logs-downloader-master/script/LogsDownloader.py", line 98, in __init__
self.config = self.config_reader.read()
File "/home/mtech/Documents/SIEM/incapsula-logs-downloader-master/script/LogsDownloader.py", line 554, in read
config.SYSLOG_PROTO = os.environ.get('IMPERVA_SYSLOG_PROTO', config_parser.get('SETTINGS','SYSLOG_PROTO'))
File "/usr/lib64/python3.6/configparser.py", line 792, in get
raise NoOptionError(option, section)
configparser.NoOptionError: No option 'syslog_proto' in section: 'SETTINGS'
Could Not find Configuration file
[root@localhost processed]#
#CloudWAF(formerlyIncapsula)------------------------------
Urvin Shah
Senior Cybersecurity Consultant
M.Tech Solutions (India) PRIVATE LIMITED
Mumbai
------------------------------