Downgrade python, update grafana and elasticsearch to fix the pie charts #45
Conversation
Python 3.12 produces ERROR: Could not build wheels for aiohttp
- use latest grafana (10.1.4 currently) and elasticsearch 8.10.2 - add workaround related to date_histogram interval for the deprecated piechart-panel
|
I tried Sufren suggested changes and is working again. |
|
Update: After working with it 24-48 noticed the filtering (clicking on any field thru the visual tables) doesn't work as expected...like IP, country, etc.. It adds the filter on top but data doesn't filter down to that. Filtering by domain works perfectly. the other thing doesn't seem to work for me is the reverse DNS lookup. Reverse DNS table just shows only IP's. I added nameservers under general config but still not resolving IP's (added Cloud fare thou is default and G but still). Nice to have but not a show stopper. Other than that @surfen did an awesome job |
|
@wakko4 Well spoted :) Indeed the "Ad hoc filter" feature does not work in grafana/grafana:latest (i.e. 10.1.5) Apparently there have been some recent changes which caused the bug, and the issue is expected to be resolved in 10.2 You may want to switch to some older version for now, e.g. in grafana/grafana:9.5.13 ad hoc filtering on tables works properly. I was not able to reproduce issue with reverse DNS lookup. I can see domain name for my servers under different tables with "Reverse DNS" column. |
|
@surfen thanks for the info about downgrading grafana for the filters, let me test that. DNS issue, I will join that Ubnutu VM to domain, maybe something in domain is blocking a not joined pc in AD. Do you have it reading from mailbox? (with MS Graph) I set everything as instructions but don't see anything in archive yet(default folder to move). I did create a python script to connect to sharemailbox using MS Graph and download all attachments to the 'files' folder in the dmarc-visualizer folder(input file). Can shared it later if anyone need it. another thing was exploring setting smtp in grafana for alert report but says to create grafana.ini,
grafana: |
I was able to read from a grafana ini file for smtp setting or to modify other grafana settings with this answer: so main yaml file neds to add volumes line like: volumes: |
|
@wakko4 I simply edited parsedmarc\parsedmarc.ini file which already exists in dmarc-visualiser repository. I didn't use any additional python scripts. Sadly, I had to restart for it to pick up new e-mail(s). It created automatically three folders on the mailbox ("Aggregate"/"Forensic"/"Invalid") under "Archive". |
@surfen , thanks , I did read those top/bottom few times. Issue is co have MFA in M365, so IMAP dont work I have all the necessary permission on MS Graph as required. Actually my code use that appid, tenant, sec etc. so is not permission. I list emails and move to other folder, so has the Write. btw, VM froze had to do full restart. Now when I run docker-compose up . does all the load but at end keeps in loop for 10 mins already. token not found. By chance you know what could be that? if image and guest PC (VM) restart too. I tried build again. I can see grafana on 3000. but visuals dont load 😞 |
|
@wakko4 "token not found" suggests authentication issue. Try logging into grafana. If you did not modify the username/password then the defaults are admin/admin. |
Hi! I've been having the same issue, at first I thought it was elastisearch setting up but it does not seem to work. Is there any fix for this issue? |
Hello,
Recently I needed a way to visualiise my DMARC reports and wanted to use Docker. Thank you for sharing your repository, it helped me a lot.
Unfortunately, I encountered several issues when trying to use dmarc-visualizer, including #30, #31, #32
Here's the summary of those issues and proposed solution included in my PR:
ERROR: Could not build wheels for aiohttp, had to downgrade to 3.11Please follow steps below to prevent possible issues with old files, missing files or docker cache
Closes #31
Closes #32
Closes #41