Dear Bernhard and Team;
version of intelmq
Also find below output;
# dpkg -S /usr/lib/python3.5/csv.pylibpython3.5-stdlib:amd64: /usr/lib/python3.5/csv.py # dpkg -S /usr/lib/python3.5/csv.pylibpython3.5-stdlib:amd64: /usr/lib/python3.5/csv.py # dpkg -l libpython3.5-stdlib | catDesired=Unknown/Install/Remove/Purge/Hold| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)||/ Name Version Architecture Description+++-=========================-======================-============-===============================================================================ii libpython3.5-stdlib:amd64 3.5.2-2ubuntu0~16.04.9 amd64 Interactive high-level object-oriented language (standard library, version 3.5) This is now OK after I changed the pymisp version.# intelmqctl checkReading configuration files.Checking defaults configuration.Checking runtime configuration.Checking runtime and pipeline configuration.Orphaned queues found: 'Elasticsearch-Output-queue', 'feodo-tracker-browse-parser-queue', 'TCP-Output-queue'. Possible leftover from past reconfigurations without cleanup. Have a look at the FAQ at https://github.com/certtools/intelmq/blob/master/docs/FAQ.mdChecking harmonization configuration.Checking for bots.No state file found. Please call 'intelmqctl upgrade-config'.No issues found.
Find below collector and parser for shadow server;
"ShadowServer-Parser": { "parameters": { "time_format": null, "extra.file_name": "%Y-%m-%d-blacklist-tanzania-geo.csv", "feedname": "Blacklisted-IP", "overwrite": false }, "name": "ShadowServer", "group": "Parser", "module": "intelmq.bots.parsers.shadowserver.parser", "description": "ShadowServer Parser is a bot capable of parsing all shadowserver feeds, depending on configuration files. Parameter 'feedname' is used as identifier to chose the correct mapping.", "enabled": true, "run_mode": "continuous", "groupname": "parsers", "bot_id": "ShadowServer-Parser" }, "ShadowServer-Parser-2": { "parameters": { "time_format": null, "extra.file_name": "%Y-%m-%d-cisco_smart_install-tanzania-geo.csv", "feedname": "Accessible-Cisco-Smart-Install", "overwrite": false }, "name": "ShadowServer", "group": "Parser", "module": "intelmq.bots.parsers.shadowserver.parser", "description": "ShadowServer Parser is a bot capable of parsing all shadowserver feeds, depending on configuration files. Parameter 'feedname' is used as identifier to chose the correct mapping.", "enabled": true, "run_mode": "continuous", "groupname": "parsers", "bot_id": "ShadowServer-Parser-2" Mail-Attachment-Fetcher-Collector": { "parameters": { "extract_files": false, "attach_regex": "[A-Za-z:0-9\\\\\\\\.\\\\\\\\_ \\\\\\\\[\\\\\\\\]", "folder": "INBOX", "mail_host": "mail.xxxx.xxxx.xxxxx", "mail_password": "xxxxxxxxxxxxxx", "mail_ssl": true, "mail_user": "xxxxx.xxxx", "name": "via IMAP", "provider": "SHADOWSERVER", "rate_limit": 300, "subject_regex": "[A-Za-z:0-9\\\\\\\\.\\\\\\\\_ \\\\\\\\[\\\\\\\\]" }, "name": "Mail Attachment Fetcher", "group": "Collector", "module": "intelmq.bots.collectors.mail.collector_mail_attach", "description": "Monitor IMAP mailboxes and retrieve mail attachments", "enabled": true, "run_mode": "continuous", "groupname": "collectors", "bot_id": "Mail-Attachment-Fetcher-Collector" Mail-Attachment-Fetcher-Collector-2": { "parameters": { "extract_files": false, "attach_regex": "[A-Za-z:0-9\\\\\\\\.\\\\\\\\_ \\\\\\\\[\\\\\\\\]", "folder": "INBOX", "mail_host": "mail.xxxx.xxxx.xxx", "mail_password": "xxxxxx", "mail_ssl": true, "mail_user": "xxxxxxx", "name": "via IMAP", "provider": "SHADOWSERVER", "rate_limit": 300, "subject_regex": "[A-Za-z:0-9\\\\\\\\.\\\\\\\\_ \\\\\\\\[\\\\\\\\]" }, "name": "Mail Attachment Fetcher", "group": "Collector", "module": "intelmq.bots.collectors.mail.collector_mail_attach", "description": "Monitor IMAP mailboxes and retrieve mail attachments", "enabled": true, "run_mode": "continuous", "groupname": "collectors", "bot_id": "Mail-Attachment-Fetcher-Collector-2" Am new user of Intelmq,may you please assist to guide me to finish this intelmq to shadow server integration. Kr,Patrick
On Wednesday, March 18, 2020, 06:42:34 PM GMT+3, Bernhard Reiter bernhard@intevation.de wrote:
Dear Patric,
Am Mittwoch 18 März 2020 15:57:14 schrieb Sebastian Wagner:
Description: Ubuntu 16.04.6 LTS
File "/usr/lib/python3.5/csv.py", line 96, in fieldnames self._fieldnames = next(self.reader, dialect=csv.excel_tab) NameError: name 'csv' is not defined
as I happen to have a comparable system here, I took a look in the file. The code on line 96 looks different, so can you double check which version you have, e.g. dpkg -S /usr/lib/python3.5/csv.py and then using the result to query it via dpkg -l, for my system: dpkg -l libpython3.5-stdlib | cat ii libpython3.5-stdlib:amd64 3.5.2-2ubuntu0~16.04.9 amd64
BTW: Which version of intelmq and how did you install it?
Best, Bernhard
