Skip to main content

Reading the Imunify logs

Comments

9 comments

  • cPRex Jurassic Moderator
    Hey there! I tested the following command on a test machine and got good results: # imunify360-agent get --since 7 TIMESTAMP ABUSER COUNTRY TIMES NAME SEVERITY 1626106938 x.x.x.x SG 1 IM360 WAF: WordPress Bruteforce RBL block 4 1626106877 x.x.x.x US 1 IM360 WAF: WordPress Bruteforce RBL block 4 1626106854 x.x.x.x IN 1 IM360 WAF: WordPress Bruteforce RBL block 4 1626106812 x.x.x.x MY 1 IM360 WAF: WordPress Bruteforce RBL block 4 1626106625 x.x.x.x SG 1 IM360 WAF: WordPress Bruteforce RBL block 4 1626106606 x.x.x.x UA 1 IM360 WAF: WordPress Bruteforce RBL block 4 1626106604 x.x.x.x AR 1 IM360 WAF: Block spam in PrestaShop 2 1626106592 x.x.x.x SG 1 IM360 WAF: WordPress Bruteforce RBL block
    so I would also expect that to work well on your machine. Do you not receive any output when you try a similar command?
    0
  • Scootie
    Running the same command got me the following result: # imunify360-agent get --since 7 usage: imunify360-agent [-h] [--log-config LOG_CONFIG] [--console-log-level {ERROR,WARNING,INFO,DEBUG}] [--remote-addr REMOTE_ADDR] {3rdparty,add-sudouser,advisor,check-domains,checkdb,config,delete-sudouser,disable-plugin,doctor,enable-plugin,eula,feature-management,get-news,hook,infected-domains,login,malware,notifications-config,register,rstatus,submit,support,unregister,update,update-license,version} ... imunify360-agent: error: invalid choice: 'get' (choose from '3rdparty', 'add-sudouser', 'advisor', 'check-domains', 'checkdb', 'config', 'delete-sudouser', 'disable-plugin', 'doctor', 'enable-plugin', 'eula', 'feature-management', 'get-news', 'hook', 'infected-domains', 'login', 'malware', 'notifications-config', 'register', 'rstatus', 'submit', 'support', 'unregister', 'update', 'update-license', 'version')
    I dont think the command above helps me. What I'm trying to do here is to get a user friendly report from /var/log/imunify360/console.log after I ran Imunify on a cPanel account from WHM.
    0
  • cPRex Jurassic Moderator
    Thanks for that. Can you run the following commands on the system and send me the output? imunify360-agent --version cat /etc/redhat-release
    0
  • Scootie
    Here it is: imunify360-agent --version usage: imunify360-agent [-h] [--log-config LOG_CONFIG] [--console-log-level {ERROR,WARNING,INFO,DEBUG}] [--remote-addr REMOTE_ADDR] {3rdparty,add-sudouser,advisor,check-domains,checkdb,config,delete-sudouser,disable-plugin,doctor,enable-plugin,eula,feature-management,get-news,hook,infected-domains,login,malware,notifications-config,register,rstatus,submit,support,unregister,update,update-license,version} ... imunify360-agent: error: unrecognized arguments: --version
    cat /etc/redhat-release CloudLinux release 7.9 (Boris Yegorov)
    0
  • cPRex Jurassic Moderator
    Thanks for that - I may have mis-typed and you actually don't need the "--" before "version" but it still seems like there is something odd going on with that system. It might be best to create a ticket with our team so we can examine this directly on the server.
    0
  • Scootie
    Here it is: imunify360-agent version 5.7.4-4
    0
  • cPRex Jurassic Moderator
    I do see that 5.8 has been released, so you may want to try updating the software to see if that helps. If not, I'd still recommend submitting a ticket to our team.
    0
  • Scootie
    Im not sure this is a software version problem more like use of good command. I'll dig some more before opening a tichet.
    0
  • Scootie
    Here are some commands I've found usefull to generate some sort of reports: imunify360-agent malware malicious list imunify360-agent malware malicious list --by-scan-id ddd9725d1e914dc9ac0a4e129d90931d imunify360-agent malware malicious list --user USERNAME --limit 1000 --since $(( $(date +%s) - 24*3600 ))
    0

Please sign in to leave a comment.