Hello, I'm also using Splunk, but I'm not really sure parsedmarc is worth the effort. The only dashboard screenshot available for parsedmarc is rather unimpressive…
pat

January 6, 2020 3:35 PM, "Julian Kippels" <kipp...@hhu.de> wrote:

> Hi,
>
> I am using parsedmarc (https://domainaware.github.io/parsedmarc) for
> both aggregate and forensic reports, including sending the results to
> our Splunk server with Dashboard.
>
> Julian
>
> On Mon, 6 Jan 2020 10:46:57 -0300,
> Roberto Carna <robertocarn...@gmail.com> wrote:
>
>> Dear Kevin, I've implemented dmarcts-report-viewer and now it runs
>> OK. It gives me very relevant information.
>>
>> My new question is this:
>>
>> dmarcts-report-viewer is only for DMARC aggregation reports? What
>> can I do to get and see DMARC forensic reports?
>>
>> Thanks a lot again !!!
>>
>> On Thu, 26 Dec 2019 at 17:34, Kevin Miller
>> (<kevin.mil...@juneau.org>) wrote:
>>
>> I just went through this. Here’s some notes I kept. Note that
>> we’re using Exchange. I created a mailbox/user called dmarc and
>> pull reports from it via IMAP.
>>
>> Reports are retrieved from Exchange based on the following
>> software/process:
>> http://www.techsneeze.com/how-parse-dmarc-reports-imap
>> http://www.techsneeze.com/how-parse-dmarc-reports (obsolete -
>> superseded by the above)
>> Source:
>> https://github.com/techsneeze/dmarcts-report-parser
>>
>> Reports are viewable via a browser using
>> https://github.com/techsneeze/dmarcts-report-viewer
>> (view the README.md for details)
>>
>> The IMAP retrieval and import into a database are accomplished via
>> a perl script. It is instantiated in crontab to run nightly:
>> 45 5 * * * /usr/local/bin/dmarcts/dmarcts-report-parser.pl -i
>>
>> If run from the CLI, the usage is as follows:
>>
>> ===========================================================================================
>>
>> Usage:
>> ./dmarcts-report-parser.pl [OPTIONS] [PATH]
>>
>> This script needs a configuration file called
>> <dmarcts-report-parser.conf> in
>> the current working directory, which defines a database server with
>> credentials
>> and (if used) an IMAP server with credentials.
>>
>> Additionally, one of the following source options must be provided:
>>   -i : Read reports from messages on IMAP server as defined
>>        in the config file.
>>   -m : Read reports from mbox file(s) provided in PATH.
>>   -e : Read reports from MIME email file(s) provided in PATH.
>>   -x : Read reports from xml file(s) provided in PATH.
>>
>> The following optional options are allowed:
>>   -d       : Print debug info.
>>   -r       : Replace existing reports rather than skipping them.
>>   --delete : Delete processed message files (the XML is stored in
>>              the database for later reference).
>>   --info   : Print out number of XML files or emails processed.
>>
>> The provided source option requires a PATH.
>>
>> After retrieval, messages are moved to a subfolder called
>> "Processed" if the import was successful, or notProcessed if it
>> fails for some reason.
>>
>> HTH…
>>
>> ...Kevin
>>
>> --
>>
>> Kevin Miller
>>
>> Network/email Administrator, CBJ MIS Dept.
>>
>> 155 South Seward Street
>>
>> Juneau, Alaska 99801
>>
>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User
>> No: 307357
>>
>> *From:* owner-postfix-us...@postfix.org
>> <owner-postfix-us...@postfix.org> *On Behalf Of *Roberto Carna
>> *Sent:* Thursday, December 26, 2019 10:54 AM
>> *To:* Postfix <postfix-users@postfix.org>
>> *Subject:* DMARC report analyzer - Open Source solution
>>
>> EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS
>> ------------------------------
>>
>> Dear, I'm receiving DMARC reports in one mail account from my
>> domain. All the reports, coming from Google and Yahoo mainly, are
>> attached in ZIP format, and they are XML files.
>>
>> Is there any open source DMARC report analyzer for a Linux platform
>> ??? I prefer Debian or Ubuntu.
>>
>> Thanks a lot !!!
>
> --
> ---------------------------------------------------------
> | | Julian Kippels
> | | M.Sc. Informatik
> | |
> | | Zentrum für Informations- und Medientechnologie
> | | Heinrich-Heine-Universität Düsseldorf
> | | Universitätsstr. 1
> | | Raum 25.41.O1.32
> | | 40225 Düsseldorf / Germany
> | |
> | | Tel: +49-211-81-14920
> | | mail: kipp...@hhu.de
> ---------------------------------------------------------
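
The thread describes aggregate reports arriving as ZIP attachments containing XML and being parsed into a database. The following is an added example, not part of any message above and not code from dmarcts-report-parser or parsedmarc: it unpacks one attachment with a bounded read, rejects DTDs (the input comes from arbitrary external senders), and tallies results per source IP. It assumes un-namespaced RFC 7489 element names; the function names, the 10 MiB cap and the sample report are constructed for illustration.

```python
import gzip
import io
import xml.etree.ElementTree as ET
import zipfile
from collections import Counter

MAX_XML_BYTES = 10 * 1024 * 1024  # assumed cap: attachments come from untrusted senders

# Constructed sample aggregate report (documentation-range IPs, not real data).
SAMPLE_XML = b"""<?xml version="1.0"?>
<feedback>
 <record><row><source_ip>192.0.2.10</source_ip><count>12</count><policy_evaluated>
  <disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row></record>
 <record><row><source_ip>198.51.100.7</source_ip><count>3</count><policy_evaluated>
  <disposition>quarantine</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""

def extract_xml(blob):
    """Return report XML bytes from a ZIP, gzip or plain-XML attachment."""
    data = blob  # treated as plain XML unless a container magic matches
    if blob[:2] == b"PK":
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            with zf.open(zf.infolist()[0]) as fh:
                data = fh.read(MAX_XML_BYTES + 1)  # bounded read limits zip bombs
    elif blob[:2] == b"\x1f\x8b":
        with gzip.GzipFile(fileobj=io.BytesIO(blob)) as fh:
            data = fh.read(MAX_XML_BYTES + 1)
    if len(data) > MAX_XML_BYTES:
        raise ValueError("report exceeds size cap")
    if b"<!DOCTYPE" in data or b"<!ENTITY" in data:
        raise ValueError("DTD/entity declarations are not expected in a report")
    return data

def summarize(blob):
    """Sum message counts per (source_ip, disposition, dkim, spf)."""
    totals = Counter()
    for row in ET.fromstring(extract_xml(blob)).iter("row"):
        pol = row.find("policy_evaluated")
        if pol is None:
            continue  # malformed row: skip rather than crash the nightly import
        key = (row.findtext("source_ip"), pol.findtext("disposition"),
               pol.findtext("dkim"), pol.findtext("spf"))
        totals[key] += int(row.findtext("count", "0"))
    return totals

def failing_sources(totals):
    """Source IPs with mail that failed both DKIM and SPF evaluation."""
    return sorted({ip for (ip, _disp, dkim, spf) in totals
                   if dkim == "fail" and spf == "fail"})
```
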