Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for other languages #6

Open
nkl0x55 opened this issue Mar 30, 2021 · 10 comments
Open

Support for other languages #6

nkl0x55 opened this issue Mar 30, 2021 · 10 comments
Labels
help wanted Extra attention is needed

Comments

@nkl0x55
Copy link

nkl0x55 commented Mar 30, 2021

Hi, would like to check if this tool support other languages installation of SEP, e.g. Chinese, Japanese, etc.

Thank you.
@Beercow
Copy link
Owner

Beercow commented Mar 30, 2021

I do not have data to test this so I’m thinking it will choke at some point.

@nkl0x55
Copy link
Author

nkl0x55 commented Mar 31, 2021

Yup, tested it on a Japanese installation, choke while parsing. Any plan to add support for other languages?

@Beercow
Copy link
Owner

Beercow commented Mar 31, 2021

I would be happy to add support. I don’t have data in other languages so I might need a copy. Would be willing to sign a NDA if need be.

Let’s try this first. The lates commit to SEPparser has a -v option. Add -v and get me the error message. I might be able to figure it out from that.

@nkl0x55
Copy link
Author

nkl0x55 commented Apr 7, 2021

Hi, apologies for the delay. Below is the error message.

Searching for Symantec logs.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AtpiMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AtpiMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AVMan.log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AVMan.log: 'charmap' codec can't encode characters in position 304-324: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4300, in main
  File "SEPparser.py", line 3613, in parse_avman
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode characters in position 304-324: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\BashMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\BashMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\CommonMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\CommonMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\cve-actions.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\cve-actions.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\cve.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\cve.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\ElamMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\ElamMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\EntitlementMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\EntitlementMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\GUP.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\GUP.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\HidMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\HidMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\LocalRep.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\LocalRep.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\LUMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\LUMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\NacMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\NacMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\NetSecMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\NetSecMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\NTRMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\NTRMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\processlog.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\processlog.log. Log is empty.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\rawlog.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\rawlog.log. Log is empty.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\RebootMgrMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\RebootMgrMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\RepMgtMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\RepMgtMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\seclog.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\seclog.log. Log is empty.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\SubmissionsMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\SubmissionsMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\syslog.log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\syslog.log: 'charmap' codec can't encode characters in position 214-221: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4284, in main
  File "SEPparser.py", line 3257, in parse_syslog
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode characters in position 214-221: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\TDADMan.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\TDADMan.log. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\tralog.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\tralog.log. Log is empty.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03112021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03112021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03122021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03122021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03132021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03132021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03142021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03142021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03152021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03152021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03172021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03172021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03182021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03182021.Log: 'charmap' codec can't encode character '\u0183' in position 232: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0183' in position 232: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03192021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03192021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03202021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03202021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03212021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03212021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03222021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03222021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03232021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03232021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03242021.Log

Problem parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\03242021.Log: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>

Traceback (most recent call last):
  File "SEPparser.py", line 4303, in main
  File "SEPparser.py", line 3663, in parse_daily_av
  File "c:\users\ieuser\appdata\local\programs\python\python39\lib\encodings\cp1252.py", line 19, in encode
UnicodeEncodeError: 'charmap' codec can't encode character '\u0702' in position 237: character maps to <undefined>
Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\serialize.dat

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\AV\serialize.dat. Unknown File Type.

Started parsing J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\PchCmp\AWSFileTransfer.log

Skipping J:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.558.0000.105\Data\Logs\PchCmp\AWSFileTransfer.log. Unknown File Type.

Processed 39 file(s) in 0.2460 seconds

@Beercow
Copy link
Owner

Beercow commented Apr 9, 2021

Thanks for the output. Might take a little bit before I look more into this. Been a little busy the last couple of weeks.

@Beercow
Copy link
Owner

Beercow commented Apr 9, 2021

One other thing. Are you running it on Windows or Linux? From the output, I would guess it’s Windows. Could you try running it on Linux and see if you get the same error?

@Beercow
Copy link
Owner

Beercow commented Apr 12, 2021

I just made an update. Can you try and see if this fixes your issue?

@nkl0x55
Copy link
Author

nkl0x55 commented Apr 13, 2021

Hi, I compiled it into a executable and ran it. Using the latest codes available, the parsing does not choke like previous.

However, looking at the output, the text are gibberish for non English text.

I do 2 more test using Linux and running it direct.

@Beercow
Copy link
Owner

Beercow commented Apr 20, 2021

I may need a sample of one of the logs to get this working.

@Beercow Beercow added the help wanted Extra attention is needed label Apr 30, 2021
@Beercow
Copy link
Owner

Beercow commented Nov 12, 2021

Is there any chance I can get one of the logs that is causing the issue? (I’ll sign a NDA if need be) I’ll have to close this soon due to lack of response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nkl0x55 @Beercow