What's wrong with this crawling hose?

ogogon · June 10, 2024, 10:49pm

Colleagues, I’m just starting to master Zeek and I apologize for the variety of questions.

Our good friend from the first chapter of the Book of Genesis, instead of crawling in with a package of paradise apples, sent an email.
In it he hissed the following with displeasure:

Traceback (most recent call last):
  File "/usr/local/bin/trace-summary", line 1115, in <module>
    readConnSummaries(file)
  File "/usr/local/bin/trace-summary", line 508, in readConnSummaries
    parseConnLine(line, field_sep, unset_field, idx, max_idx_1, is_json, scope_separator)
  File "/usr/local/bin/trace-summary", line 844, in parseConnLine
    LocalNetsIntervals[iupdate.src_ip].update(iupdate)
    ~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^
  File "/usr/local/lib/zeek/python/SubnetTree.py", line 103, in __getitem__
    return _SubnetTree.SubnetTree___getitem__(self, cidr)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd9 in position 0: invalid continuation byte
        0,06 real         0,05 user         0,00 sys

-- 
[Automatically generated.]

I installed Zeek from FreeBSD ports, and in theory, all the necessary modules should have compiled.

What’s unhappy about this scaly reptile?

Thanks in advance for your advice,
Ogogon.

ogogon · June 13, 2024, 12:12am

I found the quote I gave on several other resources and also without an answer.
Is this problem with Python really so serious that no one can solve it and everyone is embarrassedly silent?

Ogogon,

Benjamin_Bannier · June 13, 2024, 6:48am

Relevant issue:

github.com/zeek/trace-summary

Python problem: iupdate.src_ip/_SubnetTree.SubnetTree_getitem(self, cidr)

opened 12:30AM - 13 Jun 24 UTC

ogogon

While Zeek is running, I periodically receive letters from him in the mail with …the following content: **Subject:** [Zeek] Connection summary from ... (then a time interval is specified) ``` Traceback (most recent call last): File "/usr/local/bin/trace-summary", line 1115, in <module> readConnSummaries(file) File "/usr/local/bin/trace-summary", line 508, in readConnSummaries parseConnLine(line, field_sep, unset_field, idx, max_idx_1, is_json, scope_separator) File "/usr/local/bin/trace-summary", line 844, in parseConnLine LocalNetsIntervals[iupdate.src_ip].update(iupdate) ~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^ File "/usr/local/lib/zeek/python/SubnetTree.py", line 103, in __getitem__ return _SubnetTree.SubnetTree___getitem__(self, cidr) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd9 in position 0: invalid continuation byte 0,06 real 0,06 user 0,00 sys -- [Automatically generated.] ``` My Zeek is installed on a router under FreeBSD from ports (compiled from sources with automatic dependency control). I am ready to provide detailed information. I created a topic on the forum, but there was silence there. [https://community.zeek.org/t/whats-wrong-with-this-crawling-hose/7393](url)

ogogon · June 13, 2024, 8:00am

Dear Benjamin!

Thank you very much for this link. The problem is that I created this “issue”. Despite all the mental difficulties, I have not forgotten about it yet.

Therefore, I would be more pleased with your advice on solving this problem. However, in any case, thank you very much.

Ogogon.

Topic		Replies	Views
Traceback in summary email Zeek	4	82	May 6, 2022
Zeek Newsletter - Issue 17 - April 2022 Zeek newsletter	1	249	May 6, 2022
Untraceable zeekygen "warning:" messages Zeek	8	143	May 6, 2022
Errors from trace-summary Zeek	5	115	May 6, 2022
Newsletter Zeek	5	126	May 6, 2022

What's wrong with this crawling hose?

Related topics