From b9e72465e5b02c566ca0cfb61cd1fa0027ca0171 Mon Sep 17 00:00:00 2001 From: Sean Whalen Date: Sun, 13 Jan 2019 12:41:04 -0500 Subject: [PATCH] 5.2.0 --- _modules/index.html | 4 +- _modules/parsedmarc.html | 82 ++++++++++++++++++++++++++---- _modules/parsedmarc/elastic.html | 42 ++++++++++++---- _modules/parsedmarc/splunk.html | 4 +- _modules/parsedmarc/utils.html | 4 +- _sources/index.rst.txt | 65 +++++++++++++++--------- _static/documentation_options.js | 2 +- genindex.html | 4 +- index.html | 84 ++++++++++++++++++++----------- objects.inv | Bin 750 -> 750 bytes py-modindex.html | 4 +- search.html | 4 +- searchindex.js | 2 +- 13 files changed, 213 insertions(+), 88 deletions(-) diff --git a/_modules/index.html b/_modules/index.html index 98d3047..2825093 100644 --- a/_modules/index.html +++ b/_modules/index.html @@ -8,7 +8,7 @@ - Overview: module code — parsedmarc 5.1.3 documentation + Overview: module code — parsedmarc 5.2.0 documentation @@ -56,7 +56,7 @@
- 5.1.3 + 5.2.0
diff --git a/_modules/parsedmarc.html b/_modules/parsedmarc.html index e13e2ef..7b3e68b 100644 --- a/_modules/parsedmarc.html +++ b/_modules/parsedmarc.html @@ -8,7 +8,7 @@ - parsedmarc — parsedmarc 5.1.3 documentation + parsedmarc — parsedmarc 5.2.0 documentation @@ -56,7 +56,7 @@
- 5.1.3 + 5.2.0
@@ -183,7 +183,12 @@ from parsedmarc.utils import timestamp_to_human, human_timestamp_to_datetime from parsedmarc.utils import parse_email -__version__ = "5.1.3" +__version__ = "5.2.0" + +logging.basicConfig( + format='%(levelname)8s:%(filename)s:%(lineno)d:' + '%(message)s', + datefmt='%Y-%m-%d:%H:%M:%S') logger = logging.getLogger("parsedmarc") logger.debug("parsedmarc v{0}".format(__version__)) @@ -1317,11 +1322,12 @@ except imapclient.exceptions.IMAPClientError as error: error = error.__str__().lstrip("b'").rstrip("'").rstrip(".") # Workaround for random Exchange/Office365 IMAP errors - if "Server Unavailable" in error or "BAD" in error: + if "unexpected response" in error or "BAD" in error: sleep_minutes = 5 logger.debug( - "Received Server Unavailable response" - "Waiting {0} minutes before trying again".format( + "{0}. " + "Waiting {1} minutes before trying again".format( + error, sleep_minutes)) time.sleep(sleep_minutes * 60) results = get_dmarc_reports_from_inbox( @@ -1351,7 +1357,31 @@ except ConnectionRefusedError: raise IMAPError("Connection refused") except ConnectionResetError: - raise IMAPError("Connection reset") + sleep_minutes = 5 + logger.debug( + "Connection reset. " + "Waiting {0} minutes before trying again".format(sleep_minutes)) + time.sleep(sleep_minutes * 60) + results = get_dmarc_reports_from_inbox( + host=host, + user=user, + password=password, + connection=connection, + port=port, + ssl=ssl, + ssl_context=ssl_context, + move_supported=move_supported, + reports_folder=reports_folder, + archive_folder=archive_folder, + delete=delete, + test=test, + nameservers=nameservers, + dns_timeout=dns_timeout, + strip_attachment_payloads=strip_attachment_payloads, + results=results + ) + + return results except ConnectionAbortedError: raise IMAPError("Connection aborted") except TimeoutError: @@ -1607,8 +1637,13 @@ except imapclient.exceptions.IMAPClientError as error: error = error.__str__().replace("b'", "").replace("'", "") # Workaround for random Exchange/Office365 IMAP errors - if "Server Unavailable" in error or "BAD" in error: - logger.debug("IMAP error: {0}".format(error)) + if "unexpected response" in error or "BAD" in error: + sleep_minutes = 5 + logger.debug( + "{0}. " + "Waiting {1} minutes before trying again".format( + error, + sleep_minutes)) logger.debug("Reconnecting watcher") server = imapclient.IMAPClient(host) server.login(username, password) @@ -1736,8 +1771,33 @@ idle_start_time = time.monotonic() break except imapclient.exceptions.IMAPClientError as error: - error = error.__str__().lstrip("b'").rstrip("'").rstrip(".") - raise IMAPError(error) + error = error.__str__().replace("b'", "").replace("'", "") + # Workaround for random Exchange/Office365 IMAP errors + if "unexpected response" in error or "BAD" in error: + sleep_minutes = 5 + logger.debug( + "{0}. " + "Waiting {1} minutes before trying again".format( + error, + sleep_minutes)) + logger.debug("Reconnecting watcher") + server = imapclient.IMAPClient(host) + server.login(username, password) + server.select_folder(rf) + idle_start_time = time.monotonic() + ms = "MOVE" in get_imap_capabilities(server) + res = get_dmarc_reports_from_inbox(connection=server, + move_supported=ms, + reports_folder=rf, + archive_folder=af, + delete=delete, + test=test, + nameservers=ns, + dns_timeout=dt) + callback(res) + server.idle() + else: + raise IMAPError(error) except socket.gaierror: raise IMAPError("DNS resolution failed") except ConnectionRefusedError: diff --git a/_modules/parsedmarc/elastic.html b/_modules/parsedmarc/elastic.html index c47db37..41e5e55 100644 --- a/_modules/parsedmarc/elastic.html +++ b/_modules/parsedmarc/elastic.html @@ -8,7 +8,7 @@ - parsedmarc.elastic — parsedmarc 5.1.3 documentation + parsedmarc.elastic — parsedmarc 5.2.0 documentation @@ -56,7 +56,7 @@
- 5.1.3 + 5.2.0
@@ -314,16 +314,29 @@ """Raised when a report to be saved matches an existing report""" -
[docs]def set_hosts(hosts): +
[docs]def set_hosts(hosts, use_ssl=False, ssl_cert_path=None): """ Sets the Elasticsearch hosts to use Args: - hosts: A single hostname or URL, or list of hostnames or URLs + hosts (str): A single hostname or URL, or list of hostnames or URLs + use_ssl (bool): Use a HTTPS connection to the server + ssl_cert_path (str): Path to the certificate chain """ if type(hosts) != list: hosts = [hosts] - connections.create_connection(hosts=hosts, timeout=20)
+ conn_params = { + "hosts": hosts, + "timeout": 20 + } + if use_ssl: + conn_params['use_ssl'] = True + if ssl_cert_path: + conn_params['verify_certs'] = True + conn_params['ca_certs'] = ssl_cert_path + else: + conn_params['verify_certs'] = False + connections.create_connection(**conn_params)
[docs]def create_indexes(names, settings=None): @@ -399,13 +412,15 @@
[docs]def save_aggregate_report_to_elasticsearch(aggregate_report, - index_suffix=None): + index_suffix=None, + monthly_indexes=False): """ Saves a parsed DMARC aggregate report to ElasticSearch Args: aggregate_report (OrderedDict): A parsed forensic report index_suffix (str): The suffix of the name of the index to save to + monthly_indexes (bool): Use monthly indexes instead of daily indexes Raises: AlreadySaved @@ -420,7 +435,10 @@ end_date = human_timestamp_to_datetime(metadata["end_date"]) begin_date_human = begin_date.strftime("%Y-%m-%d %H:%M:%S") end_date_human = end_date.strftime("%Y-%m-%d %H:%M:%S") - index_date = begin_date.strftime("%Y-%m-%d") + if monthly_indexes: + index_date = begin_date.strftime("%Y-%m") + else: + index_date = begin_date.strftime("%Y-%m-%d") aggregate_report["begin_date"] = begin_date aggregate_report["end_date"] = end_date date_range = [aggregate_report["begin_date"], @@ -509,13 +527,16 @@
[docs]def save_forensic_report_to_elasticsearch(forensic_report, - index_suffix=None): + index_suffix=None, + monthly_indexes=False): """ Saves a parsed DMARC forensic report to ElasticSearch Args: forensic_report (OrderedDict): A parsed forensic report index_suffix (str): The suffix of the name of the index to save to + monthly_indexes (bool): Use monthly indexes instead of daily + indexes Raises: AlreadySaved @@ -619,7 +640,10 @@ index = "dmarc_forensic" if index_suffix: index = "{0}_{1}".format(index, index_suffix) - index_date = arrival_date.strftime("%Y-%m-%d") + if monthly_indexes: + index_date = arrival_date.strftime("%Y-%m") + else: + index_date = arrival_date.strftime("%Y-%m-%d") index = "{0}-{1}".format(index, index_date) create_indexes([index]) forensic_doc.meta.index = index diff --git a/_modules/parsedmarc/splunk.html b/_modules/parsedmarc/splunk.html index 9ceac68..ecb2518 100644 --- a/_modules/parsedmarc/splunk.html +++ b/_modules/parsedmarc/splunk.html @@ -8,7 +8,7 @@ - parsedmarc.splunk — parsedmarc 5.1.3 documentation + parsedmarc.splunk — parsedmarc 5.2.0 documentation @@ -56,7 +56,7 @@
- 5.1.3 + 5.2.0
diff --git a/_modules/parsedmarc/utils.html b/_modules/parsedmarc/utils.html index db7b0c2..dd9263b 100644 --- a/_modules/parsedmarc/utils.html +++ b/_modules/parsedmarc/utils.html @@ -8,7 +8,7 @@ - parsedmarc.utils — parsedmarc 5.1.3 documentation + parsedmarc.utils — parsedmarc 5.2.0 documentation @@ -56,7 +56,7 @@
- 5.1.3 + 5.2.0
diff --git a/_sources/index.rst.txt b/_sources/index.rst.txt index 01e3aaa..6d4a26d 100644 --- a/_sources/index.rst.txt +++ b/_sources/index.rst.txt @@ -62,27 +62,30 @@ CLI help :: usage: parsedmarc [-h] [--strip-attachment-payloads] [-o OUTPUT] - [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] [-H HOST] - [-u USER] [-p PASSWORD] [--imap-port IMAP_PORT] - [--imap-skip-certificate-verification] [--imap-no-ssl] - [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d] - [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] - [--elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX] - [--hec HEC] [--hec-token HEC_TOKEN] [--hec-index HEC_INDEX] - [--hec-skip-certificate-verification] - [-K [KAFKA_HOSTS [KAFKA_HOSTS ...]]] - [--kafka-username KAFKA_USERNAME] - [--kafka-password KAFKA_PASSWORD] [--kafka-use-ssl] - [--kafka-aggregate-topic KAFKA_AGGREGATE_TOPIC] - [--kafka-forensic_topic KAFKA_FORENSIC_TOPIC] - [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST] - [-U OUTGOING_USER] [-P OUTGOING_PASSWORD] - [--outgoing-port OUTGOING_PORT] - [--outgoing-ssl OUTGOING_SSL] [-F OUTGOING_FROM] - [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] - [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] - [-s] [--debug] [-v] - [file_path [file_path ...]] + [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] [-H HOST] + [-u USER] [-p PASSWORD] [--imap-port IMAP_PORT] + [--imap-skip-certificate-verification] [--imap-no-ssl] + [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d] + [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]] + [--elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX] + [--elasticsearch-use-ssl] + [--elasticsearch-ssl-cert-path ELASTICSEARCH_SSL_CERT_PATH] + [--elasticsearch-monthly-indexes] [--hec HEC] + [--hec-token HEC_TOKEN] [--hec-index HEC_INDEX] + [--hec-skip-certificate-verification] + [-K [KAFKA_HOSTS [KAFKA_HOSTS ...]]] + [--kafka-username KAFKA_USERNAME] + [--kafka-password KAFKA_PASSWORD] [--kafka-use-ssl] + [--kafka-aggregate-topic KAFKA_AGGREGATE_TOPIC] + [--kafka-forensic_topic KAFKA_FORENSIC_TOPIC] + [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST] + [-U OUTGOING_USER] [-P OUTGOING_PASSWORD] + [--outgoing-port OUTGOING_PORT] + [--outgoing-ssl OUTGOING_SSL] [-F OUTGOING_FROM] + [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT] + [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test] + [-s] [--debug] [--log-file LOG_FILE] [-v] + [file_path [file_path ...]] Parses DMARC reports @@ -124,6 +127,13 @@ CLI help --elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX append this suffix to the dmarc_aggregate and dmarc_forensic Elasticsearch index names, joined by _ + --elasticsearch-use-ssl + Use SSL when connecting to Elasticsearch + --elasticsearch-ssl-cert-path ELASTICSEARCH_SSL_CERT_PATH + Path to the Elasticsearch SSL certificate + --elasticsearch-monthly-indexes + Use monthly Elasticsearch indexes instead of daily + indexes --hec HEC the URL to a Splunk HTTP Event Collector (HEC) --hec-token HEC_TOKEN the authorization token for a Splunk HTTP Event @@ -134,7 +144,7 @@ CLI help --hec-skip-certificate-verification skip certificate verification for Splunk HEC -K [KAFKA_HOSTS [KAFKA_HOSTS ...]], --kafka-hosts [KAFKA_HOSTS [KAFKA_HOSTS ...]] - s list of one or more Kafka hostnames + a list of one or more Kafka hostnames --kafka-username KAFKA_USERNAME an optional Kafka username --kafka-password KAFKA_PASSWORD @@ -175,6 +185,7 @@ CLI help --test do not move or delete IMAP messages -s, --silent only print errors and warnings --debug print debugging information + --log-file LOG_FILE output logging to a file -v, --version show program's version number and exit Sample aggregate report output @@ -461,12 +472,18 @@ Installation using pypy3 ------------------------ For the best possible processing speed, consider using ``parsedmarc`` inside a ``pypy3`` -virtualenv. First, `download the latest version of pypy3`_. Extract it to +virtualenv. First, `download the latest portable Linux version of pypy3`_. Extract it to ``/opt/pypy3`` (``sudo mkdir /opt`` if ``/opt`` does not exist), then create a symlink: + .. code-block:: bash + wget https://bitbucket.org/squeaky/portable-pypy/downloads/pypy3.5-6.0.0-linux_x86_64-portable.tar.bz2 + tar -jxf pypy3.5-6.0.0-linux_x86_64-portable.tar.bz2 + rm pypy3.5-6.0.0-linux_x86_64-portable.tar.bz2 + sudo chown -R root:root pypy3.5-6.0.0-linux_x86_64-portable + sudo mv pypy3.5-6.0.0-linux_x86_64-portable /opt/pypy3 sudo ln -s /opt/pypy3/bin/pypy3 /usr/local/bin/pypy3 Install ``virtualenv`` on your system: @@ -1232,7 +1249,7 @@ Indices and tables .. _Demystifying DMARC: https://seanthegeek.net/459/demystifying-dmarc/ -.. _download the latest version of pypy3: https://pypy.org/download.html#default-with-a-jit-compiler +.. _download the latest portable Linux version of pypy3: https://github.com/squeaky-pl/portable-pypy#portable-pypy-distribution-for-linux .. _Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html diff --git a/_static/documentation_options.js b/_static/documentation_options.js index 7f73228..fd7a3f6 100644 --- a/_static/documentation_options.js +++ b/_static/documentation_options.js @@ -1,6 +1,6 @@ var DOCUMENTATION_OPTIONS = { URL_ROOT: document.getElementById("documentation_options").getAttribute('data-url_root'), - VERSION: '5.1.3', + VERSION: '5.2.0', LANGUAGE: 'None', COLLAPSE_INDEX: false, FILE_SUFFIX: '.html', diff --git a/genindex.html b/genindex.html index a4a8411..992e660 100644 --- a/genindex.html +++ b/genindex.html @@ -9,7 +9,7 @@ - Index — parsedmarc 5.1.3 documentation + Index — parsedmarc 5.2.0 documentation @@ -57,7 +57,7 @@
- 5.1.3 + 5.2.0
diff --git a/index.html b/index.html index 8763d9f..50c03ad 100644 --- a/index.html +++ b/index.html @@ -8,7 +8,7 @@ - parsedmarc documentation - Open source DMARC report analyzer and visualizer — parsedmarc 5.1.3 documentation + parsedmarc documentation - Open source DMARC report analyzer and visualizer — parsedmarc 5.2.0 documentation @@ -56,7 +56,7 @@
- 5.1.3 + 5.2.0
@@ -245,27 +245,30 @@ lookalike domain monitoring, check out

CLI help

usage: parsedmarc [-h] [--strip-attachment-payloads] [-o OUTPUT]
-                  [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] [-H HOST]
-                  [-u USER] [-p PASSWORD] [--imap-port IMAP_PORT]
-                  [--imap-skip-certificate-verification] [--imap-no-ssl]
-                  [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d]
-                  [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]]
-                  [--elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX]
-                  [--hec HEC] [--hec-token HEC_TOKEN] [--hec-index HEC_INDEX]
-                  [--hec-skip-certificate-verification]
-                  [-K [KAFKA_HOSTS [KAFKA_HOSTS ...]]]
-                  [--kafka-username KAFKA_USERNAME]
-                  [--kafka-password KAFKA_PASSWORD] [--kafka-use-ssl]
-                  [--kafka-aggregate-topic KAFKA_AGGREGATE_TOPIC]
-                  [--kafka-forensic_topic KAFKA_FORENSIC_TOPIC]
-                  [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST]
-                  [-U OUTGOING_USER] [-P OUTGOING_PASSWORD]
-                  [--outgoing-port OUTGOING_PORT]
-                  [--outgoing-ssl OUTGOING_SSL] [-F OUTGOING_FROM]
-                  [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT]
-                  [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test]
-                  [-s] [--debug] [-v]
-                  [file_path [file_path ...]]
+               [-n NAMESERVERS [NAMESERVERS ...]] [-t TIMEOUT] [-H HOST]
+               [-u USER] [-p PASSWORD] [--imap-port IMAP_PORT]
+               [--imap-skip-certificate-verification] [--imap-no-ssl]
+               [-r REPORTS_FOLDER] [-a ARCHIVE_FOLDER] [-d]
+               [-E [ELASTICSEARCH_HOST [ELASTICSEARCH_HOST ...]]]
+               [--elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX]
+               [--elasticsearch-use-ssl]
+               [--elasticsearch-ssl-cert-path ELASTICSEARCH_SSL_CERT_PATH]
+               [--elasticsearch-monthly-indexes] [--hec HEC]
+               [--hec-token HEC_TOKEN] [--hec-index HEC_INDEX]
+               [--hec-skip-certificate-verification]
+               [-K [KAFKA_HOSTS [KAFKA_HOSTS ...]]]
+               [--kafka-username KAFKA_USERNAME]
+               [--kafka-password KAFKA_PASSWORD] [--kafka-use-ssl]
+               [--kafka-aggregate-topic KAFKA_AGGREGATE_TOPIC]
+               [--kafka-forensic_topic KAFKA_FORENSIC_TOPIC]
+               [--save-aggregate] [--save-forensic] [-O OUTGOING_HOST]
+               [-U OUTGOING_USER] [-P OUTGOING_PASSWORD]
+               [--outgoing-port OUTGOING_PORT]
+               [--outgoing-ssl OUTGOING_SSL] [-F OUTGOING_FROM]
+               [-T OUTGOING_TO [OUTGOING_TO ...]] [-S OUTGOING_SUBJECT]
+               [-A OUTGOING_ATTACHMENT] [-M OUTGOING_MESSAGE] [-w] [--test]
+               [-s] [--debug] [--log-file LOG_FILE] [-v]
+               [file_path [file_path ...]]
 
 Parses DMARC reports
 
@@ -307,6 +310,13 @@ lookalike domain monitoring, check out --elasticsearch-index-suffix ELASTICSEARCH_INDEX_SUFFIX
                         append this suffix to the dmarc_aggregate and
                         dmarc_forensic Elasticsearch index names, joined by _
+  --elasticsearch-use-ssl
+                        Use SSL when connecting to Elasticsearch
+  --elasticsearch-ssl-cert-path ELASTICSEARCH_SSL_CERT_PATH
+                        Path to the Elasticsearch SSL certificate
+  --elasticsearch-monthly-indexes
+                        Use monthly Elasticsearch indexes instead of daily
+                        indexes
   --hec HEC             the URL to a Splunk HTTP Event Collector (HEC)
   --hec-token HEC_TOKEN
                         the authorization token for a Splunk HTTP Event
@@ -317,7 +327,7 @@ lookalike domain monitoring, check out --hec-skip-certificate-verification
                         skip certificate verification for Splunk HEC
   -K [KAFKA_HOSTS [KAFKA_HOSTS ...]], --kafka-hosts [KAFKA_HOSTS [KAFKA_HOSTS ...]]
-                        s list of one or more Kafka hostnames
+                        a list of one or more Kafka hostnames
   --kafka-username KAFKA_USERNAME
                         an optional Kafka username
   --kafka-password KAFKA_PASSWORD
@@ -358,6 +368,7 @@ lookalike domain monitoring, check out --test                do not move or delete IMAP messages
   -s, --silent          only print errors and warnings
   --debug               print debugging information
+  --log-file LOG_FILE   output logging to a file
   -v, --version         show program's version number and exit
@@ -615,10 +626,15 @@ above commands.

Installation using pypy3

For the best possible processing speed, consider using parsedmarc inside a pypy3 -virtualenv. First, download the latest version of pypy3. Extract it to +virtualenv. First, download the latest portable Linux version of pypy3. Extract it to /opt/pypy3 (sudo mkdir /opt if /opt does not exist), then create a symlink:

-
sudo ln -s /opt/pypy3/bin/pypy3 /usr/local/bin/pypy3
+
wget https://bitbucket.org/squeaky/portable-pypy/downloads/pypy3.5-6.0.0-linux_x86_64-portable.tar.bz2
+tar -jxf pypy3.5-6.0.0-linux_x86_64-portable.tar.bz2
+rm pypy3.5-6.0.0-linux_x86_64-portable.tar.bz2
+sudo chown -R root:root pypy3.5-6.0.0-linux_x86_64-portable
+sudo mv pypy3.5-6.0.0-linux_x86_64-portable /opt/pypy3
+sudo ln -s /opt/pypy3/bin/pypy3 /usr/local/bin/pypy3
 

 

 
Install virtualenv on your system:

@@ -1673,7 +1689,7 @@ to a callback function

 
 

 

-parsedmarc.elastic.save_aggregate_report_to_elasticsearch(aggregate_report, index_suffix=None)[source]

+parsedmarc.elastic.save_aggregate_report_to_elasticsearch(aggregate_report, index_suffix=None, monthly_indexes=False)[source]
 
Saves a parsed DMARC aggregate report to ElasticSearch

 @@ -1682,6 +1698,7 @@ to a callback function

@@ -1694,7 +1711,7 @@ to a callback function

 

-parsedmarc.elastic.save_forensic_report_to_elasticsearch(forensic_report, index_suffix=None)[source]

+parsedmarc.elastic.save_forensic_report_to_elasticsearch(forensic_report, index_suffix=None, monthly_indexes=False)[source]
 
Saves a parsed DMARC forensic report to ElasticSearch

 

 

 
Parameters:
    
 
  • aggregate_report (OrderedDict) – A parsed forensic report
    • 
 
  • index_suffix (str) – The suffix of the name of the index to save to
    • 
+
  • monthly_indexes (bool) – Use monthly indexes instead of daily indexes
    • 
 

 		
 

 
 
@@ -1703,6 +1720,8 @@ to a callback function

@@ -1715,13 +1734,18 @@ to a callback function

 

-parsedmarc.elastic.set_hosts(hosts)[source]

+parsedmarc.elastic.set_hosts(hosts, use_ssl=False, ssl_cert_path=None)[source]
 
Sets the Elasticsearch hosts to use

 

 

 
Parameters:
    
 
  • forensic_report (OrderedDict) – A parsed forensic report
    • 
 
  • index_suffix (str) – The suffix of the name of the index to save to
    • 
+
  • monthly_indexes (bool) – Use monthly indexes instead of daily
+indexes
    • 
 

 		
 

 
 

-
+

 
 
 
Parameters:hosts – A single hostname or URL, or list of hostnames or URLs
Parameters:
    
+
  • hosts (str) – A single hostname or URL, or list of hostnames or URLs
    • 
+
  • use_ssl (bool) – Use a HTTPS connection to the server
    • 
+
  • ssl_cert_path (str) – Path to the certificate chain
    • 
+

+		
 

 
 

diff --git a/objects.inv b/objects.inv
index a547010d3db55bd8eedadee2e794f5e1320f1d3c..99f52a8f5d83a65f28bce0509774aa26bc5e66d0 100644
GIT binary patch
delta 14
VcmaFI`i^yi1GABy!A9rROaLhH1nU3*

delta 14
VcmaFI`i^yi1GAx?@kZy>OaLhP1nmF-

diff --git a/py-modindex.html b/py-modindex.html
index 6b6bf86..2dde91f 100644
--- a/py-modindex.html
+++ b/py-modindex.html
@@ -8,7 +8,7 @@
   
   
   
-  Python Module Index — parsedmarc 5.1.3 documentation
+  Python Module Index — parsedmarc 5.2.0 documentation
   
 
   
@@ -59,7 +59,7 @@
             
             
               

-                5.1.3
+                5.2.0
               

             
           
diff --git a/search.html b/search.html
index 6091ee6..1691f0b 100644
--- a/search.html
+++ b/search.html
@@ -8,7 +8,7 @@
   
   
   
-  Search — parsedmarc 5.1.3 documentation
+  Search — parsedmarc 5.2.0 documentation
   
 
   
@@ -56,7 +56,7 @@
             
             
               

-                5.1.3
+                5.2.0
               

             
           
diff --git a/searchindex.js b/searchindex.js
index 046878e..6f7cdeb 100644
--- a/searchindex.js
+++ b/searchindex.js
@@ -1 +1 @@
-Search.setIndex({docnames:["index"],envversion:{"sphinx.domains.c":1,"sphinx.domains.changeset":1,"sphinx.domains.cpp":1,"sphinx.domains.javascript":1,"sphinx.domains.math":2,"sphinx.domains.python":1,"sphinx.domains.rst":1,"sphinx.domains.std":1,"sphinx.ext.todo":1,"sphinx.ext.viewcode":1,sphinx:55},filenames:["index.rst"],objects:{"":{parsedmarc:[0,0,0,"-"]},"parsedmarc.elastic":{AlreadySaved:[0,1,1,""],ElasticsearchError:[0,1,1,""],create_indexes:[0,2,1,""],migrate_indexes:[0,2,1,""],save_aggregate_report_to_elasticsearch:[0,2,1,""],save_forensic_report_to_elasticsearch:[0,2,1,""],set_hosts:[0,2,1,""]},"parsedmarc.splunk":{HECClient:[0,3,1,""],SplunkError:[0,1,1,""]},"parsedmarc.splunk.HECClient":{save_aggregate_reports_to_splunk:[0,4,1,""],save_forensic_reports_to_splunk:[0,4,1,""]},"parsedmarc.utils":{EmailParserError:[0,1,1,""],convert_outlook_msg:[0,2,1,""],decode_base64:[0,2,1,""],get_base_domain:[0,2,1,""],get_filename_safe_string:[0,2,1,""],get_ip_address_country:[0,2,1,""],get_ip_address_info:[0,2,1,""],get_reverse_dns:[0,2,1,""],human_timestamp_to_datetime:[0,2,1,""],human_timestamp_to_timestamp:[0,2,1,""],is_outlook_msg:[0,2,1,""],parse_email:[0,2,1,""],query_dns:[0,2,1,""],timestamp_to_datetime:[0,2,1,""],timestamp_to_human:[0,2,1,""]},parsedmarc:{IMAPError:[0,1,1,""],InvalidAggregateReport:[0,1,1,""],InvalidDMARCReport:[0,1,1,""],InvalidForensicReport:[0,1,1,""],ParserError:[0,1,1,""],SMTPError:[0,1,1,""],elastic:[0,0,0,"-"],email_results:[0,2,1,""],extract_xml:[0,2,1,""],get_dmarc_reports_from_inbox:[0,2,1,""],get_imap_capabilities:[0,2,1,""],get_report_zip:[0,2,1,""],parse_aggregate_report_file:[0,2,1,""],parse_aggregate_report_xml:[0,2,1,""],parse_forensic_report:[0,2,1,""],parse_report_email:[0,2,1,""],parse_report_file:[0,2,1,""],parsed_aggregate_reports_to_csv:[0,2,1,""],parsed_forensic_reports_to_csv:[0,2,1,""],save_output:[0,2,1,""],splunk:[0,0,0,"-"],utils:[0,0,0,"-"],watch_inbox:[0,2,1,""]}},objnames:{"0":["py","module","Python module"],"1":["py","exception","Python exception"],"2":["py","function","Python function"],"3":["py","class","Python class"],"4":["py","method","Python method"]},objtypes:{"0":"py:module","1":"py:exception","2":"py:function","3":"py:class","4":"py:method"},terms:{"50m":0,"\u00fcbersicht":0,"break":0,"byte":0,"case":0,"class":0,"default":0,"float":0,"function":0,"import":0,"int":0,"long":0,"new":0,"null":0,"public":0,"return":0,"switch":0,"true":0,"while":0,And:0,For:0,OLE:0,One:[],TLS:0,That:0,The:0,Then:0,These:0,Use:0,Uses:0,With:0,_input:0,abl:0,about:0,abov:0,access_token:0,account:0,acm:0,across:0,action:0,actual:0,add:0,add_head:0,address:0,addresse:0,adkim:0,administr:0,adsl:0,aes128:0,aes256:0,after:0,against:0,agari:0,age:0,aggregate_index:0,aggregate_report:0,all:0,allow:0,allowremot:0,along:0,alreadysav:0,also:0,alter:0,altern:0,although:0,alwai:0,ani:0,anonym:0,anoth:0,answer:0,apach:0,apache2:0,appear:0,append:0,appendix:0,approach:0,approxim:0,apt:0,archiv:0,archive_fold:0,argument:0,arriv:0,arrival_d:0,arrival_date_utc:0,artifact:0,ask:0,asmx:0,aspf:0,assign:0,associ:0,attach:0,attachment_filenam:0,auth:0,auth_bas:0,auth_basic_user_fil:0,auth_failur:0,auth_result:0,authent:0,authentication_mechan:0,authentication_result:0,author:0,auto:0,autodetect:0,avail:0,avoid:0,b2c:0,backward:0,base64:0,base:0,base_domain:0,basic:0,bcc:0,bd6e1bb5:0,becaus:0,been:0,begin_d:0,behind:0,being:0,bellsouth:0,best:0,between:0,bin:0,binari:0,bind:0,bindaddress:0,bodi:0,bool:0,brand:0,busi:0,cach:0,call:0,callback:0,can:0,capabl:0,caus:0,center:0,cento:0,cert:0,certif:0,cest:0,chacha20:0,chang:0,charact:0,charset:0,chart:0,check:0,checkbox:0,checkdmarc:0,chines:0,chmod:0,chown:0,click:0,client:0,cloudflar:0,code:0,collect:0,collector:0,com:0,come:0,comma:0,command:0,commerci:0,common:0,compat:0,complet:0,compli:0,compress:0,configur:0,conform:0,connect:0,consid:0,consist:0,consolid:0,consum:0,contact:0,contain:0,content:0,context:0,control:0,convert:0,convert_outlook_msg:0,copi:0,correctli:0,could:0,count:0,countri:0,crash:0,creat:0,create_index:0,credenti:0,crt:0,csr:0,cumul:0,current:0,custom:0,daemon:0,dai:0,daili:0,dat:0,data:0,databas:0,date:0,date_utc:0,datetim:0,davmail:0,deb:0,debian:0,debug:0,decod:0,decode_base64:0,defens:0,delai:0,delet:0,delivery_result:0,demystifi:0,descript:0,detail:0,develop:0,dict:0,dictionari:0,differ:0,directli:0,directori:0,dis:0,disabl:0,displai:0,display_nam:0,disposit:0,dkim_align:0,dkim_domain:0,dkim_result:0,dkim_selector:0,dkm:0,dmarc_aggreg:0,dmarc_forens:0,dmarcian:0,dns_timeout:0,doctyp:0,doe:0,domainawar:0,don:0,done:0,down:0,download:0,draft:0,dtd:0,dure:0,each:0,earlier:0,easi:0,easier:0,easy_instal:0,ecdh:0,ecdsa:0,echo:0,edit:0,editor:0,effici:0,elasticsearch_host:0,elasticsearch_index_suffix:0,elasticsearcherror:0,els:0,email:0,email_result:0,emailparsererror:0,enabl:0,enableew:0,enablekeepal:0,enableproxi:0,encod:0,encount:0,end:0,end_dat:0,ensur:0,entir:0,envelop:0,envelope_from:0,envelope_to:0,environ:0,error:0,especi:0,etc:0,even:0,event:0,everi:0,exampl:0,exampleus:0,except:0,exchang:0,exclud:0,execstart:0,exist:0,exit:0,expiringdict:0,extract:0,extract_xml:0,fail:0,failur:0,fals:0,feedback:0,feedback_report:0,feedback_typ:0,fetch:0,few:0,field:0,file:0,file_path:0,filenam:0,filename_safe_subject:0,fill:0,filter:0,financ:0,find:0,first:0,fix:0,flag:0,flat:0,flexibl:0,folder:0,foldersizelimit:0,follow:0,foobar:0,fore:0,forensic_index:0,forensic_report:0,forensic_top:0,format:0,forward:0,found:0,foundat:0,fqdn:0,frame:0,fraud:0,friendli:0,from:0,ftp_proxi:0,full:0,further:0,gatewai:0,gcm:0,gdpr:0,gener:0,geolite2:0,get:0,get_base_domain:0,get_dmarc_reports_from_inbox:0,get_filename_safe_str:0,get_imap_cap:0,get_ip_address_countri:0,get_ip_address_info:0,get_report_zip:0,get_reverse_dn:0,git:0,github:0,give:0,given:0,glass:0,global:0,gmail:0,googl:0,gpg:0,graph:0,group:0,gzip:0,handl:0,has:0,has_defect:0,have:0,head:0,header:0,header_from:0,headless:0,healthcar:0,heap:0,heavi:0,hec:0,hec_index:0,hec_token:0,hecclient:0,here:0,high:0,highli:0,hop:0,host:0,hostnam:0,hour:0,hover:0,href:0,html:0,htpasswd:0,http2:0,http:0,http_proxi:0,httpasswd:0,httpd:0,https_proxi:0,human:0,human_timestamp:0,human_timestamp_to_datetim:0,human_timestamp_to_timestamp:0,icon:0,identifi:0,idl:0,imap:0,imap_port:0,imapalwaysapproxmsgs:0,imapautoexpung:0,imapcli:0,imaperror:0,imapidledelai:0,imapport:0,immedi:0,impli:0,improv:0,includ:0,includesubdomain:0,incom:0,increas:0,index_suffix:0,industri:0,inform:0,input:0,input_:0,insid:0,instanc:0,instead:0,interact:0,interakt:0,invalid:0,invalidaggregatereport:0,invaliddmarcreport:0,invalidforensicreport:0,ip_address:0,ipv4:0,ipv6:0,is_outlook_msg:0,iso:0,issu:0,its:0,java:0,join:0,journalctl:0,jre:0,just:0,jvm:0,kafka:0,kafka_aggregate_top:0,kafka_forensic_top:0,kafka_host:0,kafka_password:0,kafka_usernam:0,kb4099855:0,kb4134118:0,kb4295699:0,keepal:0,kei:0,keyout:0,kibana_saved_object:0,kind:0,know:0,known:0,larg:0,later:0,latest:0,layout:0,leak:0,least:0,leav:0,left:0,legitim:0,level:0,libemail:0,like:0,limit:0,line:0,link:0,linux:0,list:0,listen:0,load:0,local:0,localhost:0,locat:0,log:0,login:0,look:0,loopback:0,lot:0,lua:0,maco:0,magnifi:0,mai:0,mail:0,mail_from:0,mail_to:0,mailbox:0,mailer:0,mailrelai:0,mailto:0,main:0,maintain:0,make:0,malici:0,manag:0,manual:0,map:0,market:0,match:0,max:0,maximum:0,maxmind:0,mechan:0,mention:0,menu:0,messag:0,message_id:0,meta:0,mfrom:0,microsoft:0,might:0,migrate_index:0,mime:0,minimum:0,minut:0,mkdir:0,mode:0,modern:0,modul:0,mon:0,monitor:0,more:0,most:0,mous:0,move:0,move_support:0,msg:0,msg_byte:0,msg_date:0,msgconvert:0,multi:0,must:0,name:0,nameserv:0,nano:0,ncontent:0,ndate:0,need:0,neeed:0,net:0,network:0,newest:0,newkei:0,next:0,nfrom:0,nginx:0,nmessag:0,nmime:0,node:0,non:0,none:0,noproxyfor:0,norepli:0,normal:0,nosecureimap:0,nosniff:0,notabl:0,now:0,nsubject:0,nto:0,number:0,nwettbewerb:0,object:0,observ:0,occur:0,occurr:0,oct:0,off:0,office365:0,often:0,old:0,older:0,oldest:0,ondmarc:0,one:0,onli:0,onlin:0,openssl:0,opt:0,ordereddict:0,org:0,org_email:0,org_extra_contact_info:0,org_nam:0,organ:0,organis:0,origin:0,original_envelope_id:0,original_mail_from:0,original_rcpt_to:0,other:0,our:0,out:0,outdat:0,outgo:0,outgoing_attach:0,outgoing_from:0,outgoing_host:0,outgoing_messag:0,outgoing_password:0,outgoing_port:0,outgoing_ssl:0,outgoing_subject:0,outgoing_to:0,outgoing_us:0,outlook:0,output_directori:0,over:0,overrid:0,overwrit:0,own:0,pack:0,packag:0,pad:0,page:0,pan:0,param:0,paramet:0,parent:0,pars:0,parse_aggregate_report_fil:0,parse_aggregate_report_xml:0,parse_email:0,parse_forensic_report:0,parse_report_email:0,parse_report_fil:0,parsed_aggregate_reports_to_csv:0,parsed_forensic_reports_to_csv:0,parsed_sampl:0,parser:0,parsererror:0,part:0,particular:0,particularli:0,pass:0,passag:0,password:0,past:0,patch:0,path:0,payload:0,pct:0,percentag:0,perl:0,permiss:0,peter:0,pie:0,pip3:0,pip:0,place:0,plain:0,pleas:0,plu:0,polici:0,policy_evalu:0,policy_override_com:0,policy_override_reason:0,policy_publish:0,poll:0,poly1305:0,port:0,posit:0,possibl:0,preload:0,premad:0,previou:0,previous:0,print:0,printabl:0,privaci:0,process:0,produc:0,program:0,project:0,prom:[],prompt:0,proofpoint:0,properti:0,protect:0,provid:0,prox:0,proxi:0,proxy_add_x_forwarded_for:0,proxy_pass:0,proxy_set_head:0,proxyhost:0,proxypassword:0,proxyport:0,proxyus:0,public_suffix_list:0,publicsuffix:0,publish:0,python34:0,python3:0,python:0,queri:0,query_dn:0,quot:0,rais:0,ram:0,readabl:0,real:0,realli:0,reason:0,receiv:0,recipi:0,recogn:0,record_typ:0,refer:0,regardless:0,regul:0,regulatori:0,relai:0,relat:0,releas:0,reli:0,reload:0,remain:0,remot:0,remote_addr:0,remov:0,replac:0,repli:0,reply_to:0,report_id:0,report_metadata:0,report_typ:0,reported_domain:0,reports_fold:0,repositori:0,req:0,request:0,request_uri:0,requir:0,resolv:0,respons:0,restart:0,restartsec:0,restor:0,result:0,retriev:0,reus:0,revers:0,reverse_dn:0,review:0,rfc822:0,rfc:0,rhel:0,right:0,rollup:0,root:0,rpm:0,rsa:0,rua:0,ruf:0,rule:0,safe:0,same:0,sameorigin:0,sample_headers_onli:0,save:0,save_aggregate_report_to_elasticsearch:0,save_aggregate_reports_to_splunk:0,save_forensic_report_to_elasticsearch:0,save_forensic_reports_to_splunk:0,save_output:0,schema:0,scope:0,search:0,second:0,secur:0,see:0,segment:0,selector:0,self:0,send:0,sensit:0,sent:0,separ:0,server:0,servernameon:0,session:0,set:0,set_host:0,setuptool:0,sha256:0,sha384:0,share:0,sharepoint:0,should:0,show:0,shv:0,side:0,sign:0,signatur:0,silent:0,similar:0,simpl:0,simpli:0,simplifi:0,singl:0,sister:0,site:0,situat:0,size:0,skip:0,slightli:0,small:0,smg:0,smtp:0,smtperror:0,socket:0,solut:0,some:0,someon:0,sometim:0,sort:0,source_base_domain:0,source_countri:0,source_ip_address:0,source_reverse_dn:0,sourceforg:0,specif:0,specifi:0,speed:0,spf_align:0,spf_domain:0,spf_result:0,spf_scope:0,splunkerror:0,spoof:0,ssl:0,ssl_certif:0,ssl_certificate_kei:0,ssl_cipher:0,ssl_context:0,ssl_prefer_server_ciph:0,ssl_protocol:0,ssl_session_cach:0,ssl_session_ticket:0,ssl_session_timeout:0,sslcontext:0,stabl:0,standard:0,start:0,starttl:0,statu:0,step:0,still:0,storag:0,store:0,str:0,strict:0,string:0,strip:0,strip_attachment_payload:0,structur:0,subdomain:0,subject:0,subsidiari:0,substitut:0,sudo:0,suffix:0,suggest:0,suit:0,suppli:0,sure:0,sw50zxjha3rpdmugv2v0dgjld2vyymvylcocymvyc2ljahq:0,symlink:0,system:0,systemctl:0,tab:0,tag:0,target:0,tby:0,tee:0,tell:0,temporari:0,text:0,thank:0,thei:0,theirs:0,them:0,thi:0,those:0,three:0,through:0,time:0,timeout:0,timestamp:0,timestamp_to_datetim:0,timestamp_to_human:0,timezon:0,tld:0,tlsv1:0,to_domain:0,to_utc:0,token:0,tool:0,top:0,topic:0,tracker:0,transfer:0,transpar:0,transport:0,trust:0,tweak:0,two:0,type:0,ubuntu:0,uncom:0,under:0,underneath:0,understand:0,une:0,uninstal:0,unit:0,unix:0,unzip:0,updat:0,upper:0,uri:0,url:0,usag:0,use:0,use_ssl:0,used:0,useful:0,user:0,user_ag:0,usernam:0,usesystemproxi:0,usr:0,utc:0,utf:0,valu:0,vendor:0,venv:0,veri:0,verif:0,verifi:0,version:0,vew:0,view:0,virtualenv:0,volum:0,vulner:0,w3c:0,wai:0,wait:0,want:0,wantedbi:0,warn:0,watch:0,watch_inbox:0,watcher:0,web:0,webdav:0,webmail:0,well:0,were:0,wettbewerb:0,wget:0,when:0,whenev:0,where:0,wherea:0,which:0,who:0,why:0,wide:0,wiki:0,window:0,without:0,work:0,workstat:0,worst:0,would:0,write:0,www:0,x509:0,xennn:0,xml:0,xml_schema:0,xms4g:0,xmx4g:0,yahoo:0,yet:0,you:0,your:0,yum:0,yyyi:0,zip:0},titles:["parsedmarc documentation - Open source DMARC report analyzer and visualizer"],titleterms:{DNS:0,EWS:0,Using:0,access:0,aggreg:0,align:0,analyz:0,api:0,bug:0,cli:0,csv:0,dashboard:0,depend:0,dkim:0,dmarc:0,document:0,domain:0,elast:0,elasticsearch:0,featur:0,forens:0,guid:0,help:0,inbox:0,index:0,indic:0,instal:0,json:0,kibana:0,lookalik:0,multipl:0,open:0,option:0,output:0,owa:0,parsedmarc:0,pattern:0,perform:0,pypy3:0,record:0,report:0,resourc:0,retent:0,run:0,sampl:0,sender:0,servic:0,sourc:0,spf:0,splunk:0,summari:0,support:0,systemd:0,tabl:0,test:0,upgrad:0,using:0,util:0,valid:0,visual:0,what:0,won:0}})
\ No newline at end of file
+Search.setIndex({docnames:["index"],envversion:{"sphinx.domains.c":1,"sphinx.domains.changeset":1,"sphinx.domains.cpp":1,"sphinx.domains.javascript":1,"sphinx.domains.math":2,"sphinx.domains.python":1,"sphinx.domains.rst":1,"sphinx.domains.std":1,"sphinx.ext.todo":1,"sphinx.ext.viewcode":1,sphinx:55},filenames:["index.rst"],objects:{"":{parsedmarc:[0,0,0,"-"]},"parsedmarc.elastic":{AlreadySaved:[0,1,1,""],ElasticsearchError:[0,1,1,""],create_indexes:[0,2,1,""],migrate_indexes:[0,2,1,""],save_aggregate_report_to_elasticsearch:[0,2,1,""],save_forensic_report_to_elasticsearch:[0,2,1,""],set_hosts:[0,2,1,""]},"parsedmarc.splunk":{HECClient:[0,3,1,""],SplunkError:[0,1,1,""]},"parsedmarc.splunk.HECClient":{save_aggregate_reports_to_splunk:[0,4,1,""],save_forensic_reports_to_splunk:[0,4,1,""]},"parsedmarc.utils":{EmailParserError:[0,1,1,""],convert_outlook_msg:[0,2,1,""],decode_base64:[0,2,1,""],get_base_domain:[0,2,1,""],get_filename_safe_string:[0,2,1,""],get_ip_address_country:[0,2,1,""],get_ip_address_info:[0,2,1,""],get_reverse_dns:[0,2,1,""],human_timestamp_to_datetime:[0,2,1,""],human_timestamp_to_timestamp:[0,2,1,""],is_outlook_msg:[0,2,1,""],parse_email:[0,2,1,""],query_dns:[0,2,1,""],timestamp_to_datetime:[0,2,1,""],timestamp_to_human:[0,2,1,""]},parsedmarc:{IMAPError:[0,1,1,""],InvalidAggregateReport:[0,1,1,""],InvalidDMARCReport:[0,1,1,""],InvalidForensicReport:[0,1,1,""],ParserError:[0,1,1,""],SMTPError:[0,1,1,""],elastic:[0,0,0,"-"],email_results:[0,2,1,""],extract_xml:[0,2,1,""],get_dmarc_reports_from_inbox:[0,2,1,""],get_imap_capabilities:[0,2,1,""],get_report_zip:[0,2,1,""],parse_aggregate_report_file:[0,2,1,""],parse_aggregate_report_xml:[0,2,1,""],parse_forensic_report:[0,2,1,""],parse_report_email:[0,2,1,""],parse_report_file:[0,2,1,""],parsed_aggregate_reports_to_csv:[0,2,1,""],parsed_forensic_reports_to_csv:[0,2,1,""],save_output:[0,2,1,""],splunk:[0,0,0,"-"],utils:[0,0,0,"-"],watch_inbox:[0,2,1,""]}},objnames:{"0":["py","module","Python module"],"1":["py","exception","Python exception"],"2":["py","function","Python function"],"3":["py","class","Python class"],"4":["py","method","Python method"]},objtypes:{"0":"py:module","1":"py:exception","2":"py:function","3":"py:class","4":"py:method"},terms:{"50m":0,"\u00fcbersicht":0,"break":0,"byte":0,"case":0,"class":0,"default":0,"float":0,"function":0,"import":0,"int":0,"long":0,"new":0,"null":0,"public":0,"return":0,"switch":0,"true":0,"while":0,And:0,For:0,OLE:0,One:[],TLS:0,That:0,The:0,Then:0,These:0,Use:0,Uses:0,With:0,_input:0,abl:0,about:0,abov:0,access_token:0,account:0,acm:0,across:0,action:0,actual:0,add:0,add_head:0,address:0,addresse:0,adkim:0,administr:0,adsl:0,aes128:0,aes256:0,after:0,against:0,agari:0,age:0,aggregate_index:0,aggregate_report:0,all:0,allow:0,allowremot:0,along:0,alreadysav:0,also:0,alter:0,altern:0,although:0,alwai:0,ani:0,anonym:0,anoth:0,answer:0,apach:0,apache2:0,appear:0,append:0,appendix:0,approach:0,approxim:0,apt:0,archiv:0,archive_fold:0,argument:0,arriv:0,arrival_d:0,arrival_date_utc:0,artifact:0,ask:0,asmx:0,aspf:0,assign:0,associ:0,attach:0,attachment_filenam:0,auth:0,auth_bas:0,auth_basic_user_fil:0,auth_failur:0,auth_result:0,authent:0,authentication_mechan:0,authentication_result:0,author:0,auto:0,autodetect:0,avail:0,avoid:0,b2c:0,backward:0,base64:0,base:0,base_domain:0,basic:0,bcc:0,bd6e1bb5:0,becaus:0,been:0,begin_d:0,behind:0,being:0,bellsouth:0,best:0,between:0,bin:0,binari:0,bind:0,bindaddress:0,bitbucket:0,bodi:0,bool:0,brand:0,busi:0,bz2:0,cach:0,call:0,callback:0,can:0,capabl:0,caus:0,center:0,cento:0,cert:0,certif:0,cest:0,chacha20:0,chain:0,chang:0,charact:0,charset:0,chart:0,check:0,checkbox:0,checkdmarc:0,chines:0,chmod:0,chown:0,click:0,client:0,cloudflar:0,code:0,collect:0,collector:0,com:0,come:0,comma:0,command:0,commerci:0,common:0,compat:0,complet:0,compli:0,compress:0,configur:0,conform:0,connect:0,consid:0,consist:0,consolid:0,consum:0,contact:0,contain:0,content:0,context:0,control:0,convert:0,convert_outlook_msg:0,copi:0,correctli:0,could:0,count:0,countri:0,crash:0,creat:0,create_index:0,credenti:0,crt:0,csr:0,cumul:0,current:0,custom:0,daemon:0,dai:0,daili:0,dat:0,data:0,databas:0,date:0,date_utc:0,datetim:0,davmail:0,deb:0,debian:0,debug:0,decod:0,decode_base64:0,defens:0,delai:0,delet:0,delivery_result:0,demystifi:0,descript:0,detail:0,develop:0,dict:0,dictionari:0,differ:0,directli:0,directori:0,dis:0,disabl:0,displai:0,display_nam:0,disposit:0,dkim_align:0,dkim_domain:0,dkim_result:0,dkim_selector:0,dkm:0,dmarc_aggreg:0,dmarc_forens:0,dmarcian:0,dns_timeout:0,doctyp:0,doe:0,domainawar:0,don:0,done:0,down:0,download:0,draft:0,dtd:0,dure:0,each:0,earlier:0,easi:0,easier:0,easy_instal:0,ecdh:0,ecdsa:0,echo:0,edit:0,editor:0,effici:0,elasticsearch_host:0,elasticsearch_index_suffix:0,elasticsearch_ssl_cert_path:0,elasticsearcherror:0,els:0,email:0,email_result:0,emailparsererror:0,enabl:0,enableew:0,enablekeepal:0,enableproxi:0,encod:0,encount:0,end:0,end_dat:0,ensur:0,entir:0,envelop:0,envelope_from:0,envelope_to:0,environ:0,error:0,especi:0,etc:0,even:0,event:0,everi:0,exampl:0,exampleus:0,except:0,exchang:0,exclud:0,execstart:0,exist:0,exit:0,expiringdict:0,extract:0,extract_xml:0,fail:0,failur:0,fals:0,feedback:0,feedback_report:0,feedback_typ:0,fetch:0,few:0,field:0,file:0,file_path:0,filenam:0,filename_safe_subject:0,fill:0,filter:0,financ:0,find:0,first:0,fix:0,flag:0,flat:0,flexibl:0,folder:0,foldersizelimit:0,follow:0,foobar:0,fore:0,forensic_index:0,forensic_report:0,forensic_top:0,format:0,forward:0,found:0,foundat:0,fqdn:0,frame:0,fraud:0,friendli:0,from:0,ftp_proxi:0,full:0,further:0,gatewai:0,gcm:0,gdpr:0,gener:0,geolite2:0,get:0,get_base_domain:0,get_dmarc_reports_from_inbox:0,get_filename_safe_str:0,get_imap_cap:0,get_ip_address_countri:0,get_ip_address_info:0,get_report_zip:0,get_reverse_dn:0,git:0,github:0,give:0,given:0,glass:0,global:0,gmail:0,googl:0,gpg:0,graph:0,group:0,gzip:0,handl:0,has:0,has_defect:0,have:0,head:0,header:0,header_from:0,headless:0,healthcar:0,heap:0,heavi:0,hec:0,hec_index:0,hec_token:0,hecclient:0,here:0,high:0,highli:0,hop:0,host:0,hostnam:0,hour:0,hover:0,href:0,html:0,htpasswd:0,http2:0,http:0,http_proxi:0,httpasswd:0,httpd:0,https_proxi:0,human:0,human_timestamp:0,human_timestamp_to_datetim:0,human_timestamp_to_timestamp:0,icon:0,identifi:0,idl:0,imap:0,imap_port:0,imapalwaysapproxmsgs:0,imapautoexpung:0,imapcli:0,imaperror:0,imapidledelai:0,imapport:0,immedi:0,impli:0,improv:0,includ:0,includesubdomain:0,incom:0,increas:0,index_suffix:0,industri:0,inform:0,input:0,input_:0,insid:0,instanc:0,instead:0,interact:0,interakt:0,invalid:0,invalidaggregatereport:0,invaliddmarcreport:0,invalidforensicreport:0,ip_address:0,ipv4:0,ipv6:0,is_outlook_msg:0,iso:0,issu:0,its:0,java:0,join:0,journalctl:0,jre:0,just:0,jvm:0,jxf:0,kafka:0,kafka_aggregate_top:0,kafka_forensic_top:0,kafka_host:0,kafka_password:0,kafka_usernam:0,kb4099855:0,kb4134118:0,kb4295699:0,keepal:0,kei:0,keyout:0,kibana_saved_object:0,kind:0,know:0,known:0,larg:0,later:0,latest:0,layout:0,leak:0,least:0,leav:0,left:0,legitim:0,level:0,libemail:0,like:0,limit:0,line:0,link:0,linux:0,linux_x86_64:0,list:0,listen:0,load:0,local:0,localhost:0,locat:0,log:0,log_fil:0,login:0,look:0,loopback:0,lot:0,lua:0,maco:0,magnifi:0,mai:0,mail:0,mail_from:0,mail_to:0,mailbox:0,mailer:0,mailrelai:0,mailto:0,main:0,maintain:0,make:0,malici:0,manag:0,manual:0,map:0,market:0,match:0,max:0,maximum:0,maxmind:0,mechan:0,mention:0,menu:0,messag:0,message_id:0,meta:0,mfrom:0,microsoft:0,might:0,migrate_index:0,mime:0,minimum:0,minut:0,mkdir:0,mode:0,modern:0,modul:0,mon:0,monitor:0,monthli:0,monthly_index:0,more:0,most:0,mous:0,move:0,move_support:0,msg:0,msg_byte:0,msg_date:0,msgconvert:0,multi:0,must:0,name:0,nameserv:0,nano:0,ncontent:0,ndate:0,need:0,neeed:0,net:0,network:0,newest:0,newkei:0,next:0,nfrom:0,nginx:0,nmessag:0,nmime:0,node:0,non:0,none:0,noproxyfor:0,norepli:0,normal:0,nosecureimap:0,nosniff:0,notabl:0,now:0,nsubject:0,nto:0,number:0,nwettbewerb:0,object:0,observ:0,occur:0,occurr:0,oct:0,off:0,office365:0,often:0,old:0,older:0,oldest:0,ondmarc:0,one:0,onli:0,onlin:0,openssl:0,opt:0,ordereddict:0,org:0,org_email:0,org_extra_contact_info:0,org_nam:0,organ:0,organis:0,origin:0,original_envelope_id:0,original_mail_from:0,original_rcpt_to:0,other:0,our:0,out:0,outdat:0,outgo:0,outgoing_attach:0,outgoing_from:0,outgoing_host:0,outgoing_messag:0,outgoing_password:0,outgoing_port:0,outgoing_ssl:0,outgoing_subject:0,outgoing_to:0,outgoing_us:0,outlook:0,output_directori:0,over:0,overrid:0,overwrit:0,own:0,pack:0,packag:0,pad:0,page:0,pan:0,param:0,paramet:0,parent:0,pars:0,parse_aggregate_report_fil:0,parse_aggregate_report_xml:0,parse_email:0,parse_forensic_report:0,parse_report_email:0,parse_report_fil:0,parsed_aggregate_reports_to_csv:0,parsed_forensic_reports_to_csv:0,parsed_sampl:0,parser:0,parsererror:0,part:0,particular:0,particularli:0,pass:0,passag:0,password:0,past:0,patch:0,path:0,payload:0,pct:0,percentag:0,perl:0,permiss:0,peter:0,pie:0,pip3:0,pip:0,place:0,plain:0,pleas:0,plu:0,polici:0,policy_evalu:0,policy_override_com:0,policy_override_reason:0,policy_publish:0,poll:0,poly1305:0,port:0,portabl:0,posit:0,possibl:0,preload:0,premad:0,previou:0,previous:0,print:0,printabl:0,privaci:0,process:0,produc:0,program:0,project:0,prom:[],prompt:0,proofpoint:0,properti:0,protect:0,provid:0,prox:0,proxi:0,proxy_add_x_forwarded_for:0,proxy_pass:0,proxy_set_head:0,proxyhost:0,proxypassword:0,proxyport:0,proxyus:0,public_suffix_list:0,publicsuffix:0,publish:0,pypi:0,python34:0,python3:0,python:0,queri:0,query_dn:0,quot:0,rais:0,ram:0,readabl:0,real:0,realli:0,reason:0,receiv:0,recipi:0,recogn:0,record_typ:0,refer:0,regardless:0,regul:0,regulatori:0,relai:0,relat:0,releas:0,reli:0,reload:0,remain:0,remot:0,remote_addr:0,remov:0,replac:0,repli:0,reply_to:0,report_id:0,report_metadata:0,report_typ:0,reported_domain:0,reports_fold:0,repositori:0,req:0,request:0,request_uri:0,requir:0,resolv:0,respons:0,restart:0,restartsec:0,restor:0,result:0,retriev:0,reus:0,revers:0,reverse_dn:0,review:0,rfc822:0,rfc:0,rhel:0,right:0,rollup:0,root:0,rpm:0,rsa:0,rua:0,ruf:0,rule:0,safe:0,same:0,sameorigin:0,sample_headers_onli:0,save:0,save_aggregate_report_to_elasticsearch:0,save_aggregate_reports_to_splunk:0,save_forensic_report_to_elasticsearch:0,save_forensic_reports_to_splunk:0,save_output:0,schema:0,scope:0,search:0,second:0,secur:0,see:0,segment:0,selector:0,self:0,send:0,sensit:0,sent:0,separ:0,server:0,servernameon:0,session:0,set:0,set_host:0,setuptool:0,sha256:0,sha384:0,share:0,sharepoint:0,should:0,show:0,shv:0,side:0,sign:0,signatur:0,silent:0,similar:0,simpl:0,simpli:0,simplifi:0,singl:0,sister:0,site:0,situat:0,size:0,skip:0,slightli:0,small:0,smg:0,smtp:0,smtperror:0,socket:0,solut:0,some:0,someon:0,sometim:0,sort:0,source_base_domain:0,source_countri:0,source_ip_address:0,source_reverse_dn:0,sourceforg:0,specif:0,specifi:0,speed:0,spf_align:0,spf_domain:0,spf_result:0,spf_scope:0,splunkerror:0,spoof:0,squeaki:0,ssl:0,ssl_cert_path:0,ssl_certif:0,ssl_certificate_kei:0,ssl_cipher:0,ssl_context:0,ssl_prefer_server_ciph:0,ssl_protocol:0,ssl_session_cach:0,ssl_session_ticket:0,ssl_session_timeout:0,sslcontext:0,stabl:0,standard:0,start:0,starttl:0,statu:0,step:0,still:0,storag:0,store:0,str:0,strict:0,string:0,strip:0,strip_attachment_payload:0,structur:0,subdomain:0,subject:0,subsidiari:0,substitut:0,sudo:0,suffix:0,suggest:0,suit:0,suppli:0,sure:0,sw50zxjha3rpdmugv2v0dgjld2vyymvylcocymvyc2ljahq:0,symlink:0,system:0,systemctl:0,tab:0,tag:0,tar:0,target:0,tby:0,tee:0,tell:0,temporari:0,text:0,thank:0,thei:0,theirs:0,them:0,thi:0,those:0,three:0,through:0,time:0,timeout:0,timestamp:0,timestamp_to_datetim:0,timestamp_to_human:0,timezon:0,tld:0,tlsv1:0,to_domain:0,to_utc:0,token:0,tool:0,top:0,topic:0,tracker:0,transfer:0,transpar:0,transport:0,trust:0,tweak:0,two:0,type:0,ubuntu:0,uncom:0,under:0,underneath:0,understand:0,une:0,uninstal:0,unit:0,unix:0,unzip:0,updat:0,upper:0,uri:0,url:0,usag:0,use:0,use_ssl:0,used:0,useful:0,user:0,user_ag:0,usernam:0,usesystemproxi:0,usr:0,utc:0,utf:0,valu:0,vendor:0,venv:0,veri:0,verif:0,verifi:0,version:0,vew:0,view:0,virtualenv:0,volum:0,vulner:0,w3c:0,wai:0,wait:0,want:0,wantedbi:0,warn:0,watch:0,watch_inbox:0,watcher:0,web:0,webdav:0,webmail:0,well:0,were:0,wettbewerb:0,wget:0,when:0,whenev:0,where:0,wherea:0,which:0,who:0,why:0,wide:0,wiki:0,window:0,without:0,work:0,workstat:0,worst:0,would:0,write:0,www:0,x509:0,xennn:0,xml:0,xml_schema:0,xms4g:0,xmx4g:0,yahoo:0,yet:0,you:0,your:0,yum:0,yyyi:0,zip:0},titles:["parsedmarc documentation - Open source DMARC report analyzer and visualizer"],titleterms:{DNS:0,EWS:0,Using:0,access:0,aggreg:0,align:0,analyz:0,api:0,bug:0,cli:0,csv:0,dashboard:0,depend:0,dkim:0,dmarc:0,document:0,domain:0,elast:0,elasticsearch:0,featur:0,forens:0,guid:0,help:0,inbox:0,index:0,indic:0,instal:0,json:0,kibana:0,lookalik:0,multipl:0,open:0,option:0,output:0,owa:0,parsedmarc:0,pattern:0,perform:0,pypy3:0,record:0,report:0,resourc:0,retent:0,run:0,sampl:0,sender:0,servic:0,sourc:0,spf:0,splunk:0,summari:0,support:0,systemd:0,tabl:0,test:0,upgrad:0,using:0,util:0,valid:0,visual:0,what:0,won:0}})
\ No newline at end of file