diff --git a/README.rst b/README.rst index af7cbdf..1f7e920 100644 --- a/README.rst +++ b/README.rst @@ -38,16 +38,17 @@ CLI help :: - usage: parsedmarc [-h] [-o OUTPUT] [-n NAMESERVERS [NAMESERVERS ...]] - [-t TIMEOUT] [-H HOST] [-u USER] [-p PASSWORD] - [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d] - [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] - [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST] - [-U OUTGOING_USER] [-P OUTGOING_PASSWORD] [-F OUTGOING_FROM] - [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] - [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] - [-s] [--debug] [-v] - [file_path [file_path ...]] + usage: cli.py [-h] [-o OUTPUT] [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] + [-H HOST] [-u USER] [-p PASSWORD] [-r REPORTS_FOLDER] + [-a ARCHIVE_FOLDER] [-d] + [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] [--hec HEC] + [--hec-key HEC_KEY] [--hec-index HEC_INDEX] [--save-aggregate] + [--save-forensic] [-O OUTGOING_HOST] [-U OUTGOING_USER] + [-P OUTGOING_PASSWORD] [-F OUTGOING_FROM] + [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] + [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] + [-s] [--debug] [-v] + [file_path [file_path ...]] Parses DMARC reports @@ -55,52 +56,58 @@ CLI help file_path one or more paths to aggregate or forensic report files or emails - optional arguments: - -h, --help show this help message and exit - -o OUTPUT, --output OUTPUT - Write output files to the given directory - -n NAMESERVERS [NAMESERVERS ...], --nameservers NAMESERVERS [NAMESERVERS ...] - nameservers to query (Default 8.8.8.8 4.4.4.4) - -t TIMEOUT, --timeout TIMEOUT - number of seconds to wait for an answer from DNS - (default 6.0) - -H HOST, --host HOST IMAP hostname or IP address - -u USER, --user USER IMAP user - -p PASSWORD, --password PASSWORD - IMAP password - -r REPORTS_FOLDER, --reports-folder REPORTS_FOLDER - The IMAP folder containing the reports Default: INBOX - -a ARCHIVE_FOLDER, --archive-folder ARCHIVE_FOLDER - Specifies the IMAP folder to move messages to after - processing them Default: Archive - -d, --delete Delete the reports after processing them - -E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]], --elasticsearch-host [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]] - A list of one or more Elasticsearch hostnames or URLs - to use (Default localhost:9200) - --save-aggregate Save aggregate reports to Elasticsearch - --save-forensic Save forensic reports to Elasticsearch - -O OUTGOING_HOST, --outgoing-host OUTGOING_HOST - Email the results using this host - -U OUTGOING_USER, --outgoing-user OUTGOING_USER - Email the results using this user - -P OUTGOING_PASSWORD, --outgoing-password OUTGOING_PASSWORD - Email the results using this password - -F OUTGOING_FROM, --outgoing-from OUTGOING_FROM - Email the results using this from address - -T OUTGOING_TO [OUTGOING_TO ...], --outgoing-to OUTGOING_TO [OUTGOING_TO ...] - Email the results to these addresses - -S OUTGOING_SUBJECT, --outgoing-subject OUTGOING_SUBJECT - Email the results using this subject - -A OUTGOING_ATTACHMENT, --outgoing-attachment OUTGOING_ATTACHMENT - Email the results using this filename - -M OUTGOING_MESSAGE, --outgoing-message OUTGOING_MESSAGE - Email the results using this message - -w, --watch Use an IMAP IDLE connection to process reports as they - arrive in the inbox - --test Do not move or delete IMAP messages - -s, --silent Only print errors - --debug Print debugging information - -v, --version show program's version number and exit + optional arguments: + -h, --help show this help message and exit + -o OUTPUT, --output OUTPUT + Write output files to the given directory + -n NAMESERVERS [NAMESERVERS ...], --nameservers NAMESERVERS [NAMESERVERS ...] + nameservers to query (Default is Cloudflare's) + -t TIMEOUT, --timeout TIMEOUT + number of seconds to wait for an answer from DNS + (default 6.0) + -H HOST, --host HOST IMAP hostname or IP address + -u USER, --user USER IMAP user + -p PASSWORD, --password PASSWORD + IMAP password + -r REPORTS_FOLDER, --reports-folder REPORTS_FOLDER + The IMAP folder containing the reports Default: INBOX + -a ARCHIVE_FOLDER, --archive-folder ARCHIVE_FOLDER + Specifies the IMAP folder to move messages to after + processing them Default: Archive + -d, --delete Delete the reports after processing them + -E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]], --elasticsearch-host [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]] + A list of one or more Elasticsearch hostnames or URLs + to use (e.g. localhost:9200) + --hec HEC URL to a Splunk HTTP Event Collector (HEC) + --hec-key HEC_KEY The authorization key for a Splunk HTTP event + collector (HEC) + --hec-index HEC_INDEX + The index to use when sending events to the Splunk + HTTP Events (Default: dmarc) + --save-aggregate Save aggregate reports to search indexes + --save-forensic Save forensic reports to search indexes + -O OUTGOING_HOST, --outgoing-host OUTGOING_HOST + Email the results using this host + -U OUTGOING_USER, --outgoing-user OUTGOING_USER + Email the results using this user + -P OUTGOING_PASSWORD, --outgoing-password OUTGOING_PASSWORD + Email the results using this password + -F OUTGOING_FROM, --outgoing-from OUTGOING_FROM + Email the results using this from address + -T OUTGOING_TO [OUTGOING_TO ...], --outgoing-to OUTGOING_TO [OUTGOING_TO ...] + Email the results to these addresses + -S OUTGOING_SUBJECT, --outgoing-subject OUTGOING_SUBJECT + Email the results using this subject + -A OUTGOING_ATTACHMENT, --outgoing-attachment OUTGOING_ATTACHMENT + Email the results using this filename + -M OUTGOING_MESSAGE, --outgoing-message OUTGOING_MESSAGE + Email the results using this message + -w, --watch Use an IMAP IDLE connection to process reports as they + arrive in the inbox + --test Do not move or delete IMAP messages + -s, --silent Only print errors + --debug Print debugging information + -v, --version show program's version number and exit SPF and DMARC record validation =============================== diff --git a/docs/index.rst b/docs/index.rst index f8afea7..a1484e3 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -45,16 +45,17 @@ CLI help :: - usage: parsedmarc [-h] [-o OUTPUT] [-n NAMESERVERS [NAMESERVERS ...]] - [-t TIMEOUT] [-H HOST] [-u USER] [-p PASSWORD] - [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d] - [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] - [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST] - [-U OUTGOING_USER] [-P OUTGOING_PASSWORD] [-F OUTGOING_FROM] - [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] - [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] - [-s] [--debug] [-v] - [file_path [file_path ...]] + usage: cli.py [-h] [-o OUTPUT] [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] + [-H HOST] [-u USER] [-p PASSWORD] [-r REPORTS_FOLDER] + [-a ARCHIVE_FOLDER] [-d] + [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] [--hec HEC] + [--hec-key HEC_KEY] [--hec-index HEC_INDEX] [--save-aggregate] + [--save-forensic] [-O OUTGOING_HOST] [-U OUTGOING_USER] + [-P OUTGOING_PASSWORD] [-F OUTGOING_FROM] + [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] + [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] + [-s] [--debug] [-v] + [file_path [file_path ...]] Parses DMARC reports @@ -67,7 +68,7 @@ CLI help -o OUTPUT, --output OUTPUT Write output files to the given directory -n NAMESERVERS [NAMESERVERS ...], --nameservers NAMESERVERS [NAMESERVERS ...] - nameservers to query ((Default is Cloudflare's) + nameservers to query (Default is Cloudflare's) -t TIMEOUT, --timeout TIMEOUT number of seconds to wait for an answer from DNS (default 6.0) @@ -83,9 +84,15 @@ CLI help -d, --delete Delete the reports after processing them -E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]], --elasticsearch-host [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]] A list of one or more Elasticsearch hostnames or URLs - to use (Default localhost:9200) - --save-aggregate Save aggregate reports to Elasticsearch - --save-forensic Save forensic reports to Elasticsearch + to use (e.g. localhost:9200) + --hec HEC URL to a Splunk HTTP Event Collector (HEC) + --hec-key HEC_KEY The authorization key for a Splunk HTTP event + collector (HEC) + --hec-index HEC_INDEX + The index to use when sending events to the Splunk + HTTP Events (Default: dmarc) + --save-aggregate Save aggregate reports to search indexes + --save-forensic Save forensic reports to search indexes -O OUTGOING_HOST, --outgoing-host OUTGOING_HOST Email the results using this host -U OUTGOING_USER, --outgoing-user OUTGOING_USER