Palo Alto Log Cruncher
Introduction
pacrunch.py is a Python application that can "crunch" Palo Alto traffic log files. This script was written for work in a hurry, and it is my intention to go over it and fix it in the future; there may be some overlooked bugs. It was a useful script for essentially one niche purpose.
To Do
- Add more command line arguments.
- Clean up the code.
- Figure out more useful features to add.
- Add support for IPv6 (Hard to do currently as my workplace doesn't support IPv6 yet).
Features
- Deduplicate rows by specifying a column that should be unique.
- Remove empty rows.
- Remove specific columns by their header name.
- Perform a reverse DNS lookup on IP addresses and add a new column with the results.
- Override the local host DNS server and specify your own.
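The features listed above, sketched as an added example that is not pacrunch.py's own code. The column names, the sample rows, and the `crunch`, `is_ipv4` and `system_ptr` helpers are assumptions; the resolver is passed in so that a lookup against a specific DNS server can be substituted for the host's default.

```python
import csv
import io
import ipaddress
import socket

# Constructed sample rows; column names are assumptions, not taken from pacrunch.py.
SAMPLE = """Receive Time,Source address,Destination address,Application,Bytes
2024/01/01 10:00:00,10.0.0.5,192.0.2.10,ssl,1200
2024/01/01 10:00:05,10.0.0.5,192.0.2.11,dns,90
,,,,
2024/01/01 10:00:09,10.0.0.7,192.0.2.10,ssl,800
2024/01/01 10:00:12,not-an-ip,192.0.2.10,ssl,10
"""


def is_ipv4(value):
    """True only for a well-formed IPv4 address (IPv6 is out of scope here)."""
    try:
        ipaddress.IPv4Address(value)
        return True
    except ValueError:
        return False


def system_ptr(ip):
    """Reverse lookup through the host's configured resolver; empty string on failure."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return ""


def crunch(text, unique_col, drop_cols=(), ip_col=None, resolver=system_ptr):
    """Drop empty rows, deduplicate on unique_col, add a hostname column, remove drop_cols."""
    seen, cache, out = set(), {}, []
    for row in csv.DictReader(io.StringIO(text)):
        if not any(str(v or "").strip() for v in row.values()):
            continue  # every cell is empty
        if row[unique_col] in seen:
            continue  # duplicate of an earlier row
        seen.add(row[unique_col])
        if ip_col is not None:
            ip = row[ip_col]
            if ip not in cache:  # one query per distinct address
                # Malformed values are never handed to the resolver.
                cache[ip] = resolver(ip) if is_ipv4(ip) else ""
            row[ip_col + " hostname"] = cache[ip]
        out.append({k: v for k, v in row.items() if k not in drop_cols})
    return out
```

PTR records are set by whoever controls the reverse zone, so the hostname column is untrusted input to anything that consumes the output.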
About This Release
This is the first official release and it may have some bugs.
Installation
Installing Python
You will be required to install Python 3 if you don't currently have it.
Link: Python3, the latest version is recommended.
Optional Setup
It is recommended that you install this application in a Python virtual environment. You can do that by navigating to the directory containing pacrunch.py and typing the following command in the terminal (or PowerShell):
python3 -m venv ./venv
You can then launch the virtual environment with one of the following commands:
Linux/macOS
source ./venv/bin/activate
Windows (PowerShell)
.\venv\Scripts\Activate.ps1
Required Setup
You can use requirements.txt to install the required modules:
pip3 install -r requirements.txt
Running pacrunch.py
First, make sure to review and edit the config.yml with your requirements.
Once you are happy with the configuration, you can run the program:
python3 pacrunch.py