Symantec endpoint protection reports parser

Description

The simple scripts for parse symantec endpoint protection html reports.

Scripts:
- sepr_parser.py - parse html report and output txt files to folders.
- uniq.sh - sort and uniq all result to alerts folder.

Folders:

risk_category - VIRUS AND RISK DETECTION (Blocked, Quarantined, Deleted, Newly Infected, Still Infected), strings: "Filename: Unavailable" - exception!

av_status - Protection Status Snapshot (AV Engine Off, SONAR Proactive Threat Scan Off);

alerts - Uniq and sorted results;

Install

git clone https://github.com/J3eyond/SEPR_parser

cd SEPR_parser

Create a virtual environment (optional):

virtualenv venv

Activate the virtual environment:

source venv/bin/activate

Install requirements:

pip install -r requirements.txt

Give permission to launch(bash script):

chmod +x uniq.sh

Launch

python3 sepr_parser.py *path to your report*

./uniq.sh

Requirements

python 3.9 +
virtualenv==20.23.1 (optional)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Symantec endpoint protection reports parser

Description

Install

Launch

Requirements

About

Releases 1

Packages

Languages

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
alerts		alerts
av_status		av_status
risk_category		risk_category
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
requirements.txt		requirements.txt
sepr_parser.py		sepr_parser.py
uniq.sh		uniq.sh

License

J3eyond/SEPR_parser

Folders and files

Latest commit

History

Repository files navigation

Symantec endpoint protection reports parser

Description

Install

Launch

Requirements

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages