pacrunch.py is a Python application that can "crunch" Palo Alto traffic log files. This script was written for work in a hurry, and it is my intention to go over it and fix it in the future; there may be some overlooked bugs. It was a useful script for essentially one niche purpose.
- Add more command line arguments.
- Clean up the code.
- Figure out more useful features to add.
- Add support for IPv6 (Hard to do currently as my workplace doesn't support IPv6 yet).
- Deduplicate rows by specifying a column that should be unique.
- Remove empty rows.
- Remove specific columns by their header name.
- Perform a reverse DNS lookup on IP addresses and add a new column with the results.
- Override the local host DNS server and specify your own.
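The row operations listed above (deduplicate on a column, drop empty rows, drop columns by header, add a reverse DNS column) can be sketched as follows. This is an added example, not the code in pacrunch.py; the sample CSV, its column names, the `Hostname` column and the `crunch` and `system_resolver` names are assumptions made for illustration.

```python
import csv
import io
import socket

# Constructed sample export; the header names are assumptions for this example.
SAMPLE = """Receive Time,Source address,Destination address,Application,Bytes
2024/01/01 10:00:00,10.0.0.5,192.0.2.10,ssl,1200
2024/01/01 10:00:05,10.0.0.5,192.0.2.10,ssl,900
,,,,
2024/01/01 10:01:00,10.0.0.7,198.51.100.4,dns,140
"""


def system_resolver(ip):
    """Reverse lookup through the host's configured resolver; "" on failure."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # covers socket.herror and socket.gaierror
        return ""


def crunch(text, unique_col, drop_cols, ip_col, resolver=system_resolver):
    """Return cleaned rows as dicts, with a 'Hostname' column appended."""
    rows, seen, cache = [], set(), {}
    for row in csv.DictReader(io.StringIO(text)):
        # Remove rows in which every cell is blank.
        if not any(str(v or "").strip() for v in row.values()):
            continue
        # Keep only the first row for each value of the unique column.
        key = row[unique_col]
        if key in seen:
            continue
        seen.add(key)
        # Resolve each address once, however many rows carry it.
        ip = row[ip_col]
        if ip not in cache:
            cache[ip] = resolver(ip)
        cleaned = {k: v for k, v in row.items() if k not in drop_cols}
        cleaned["Hostname"] = cache[ip]
        rows.append(cleaned)
    return rows


if __name__ == "__main__":
    for r in crunch(SAMPLE, "Destination address", {"Bytes"}, "Destination address"):
        print(r)
```

PTR records are set by whoever controls the reverse zone for an address, so treat the resolved hostnames as untrusted input. The lookups also disclose the logged addresses to the DNS server that answers them.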
This is the first official release and it may have some bugs.
You will be required to install Python 3 if you don't currently have it.
Link: Python3. The latest version is recommended.
It is recommended that you install this application in a Python virtual environment. You can do that by navigating to the directory containing pacrunch.py and typing the following command in the terminal (or PowerShell):
python3 -m venv ./venv
You can then launch the virtual environment with one of the following commands:
Linux/macOS
source ./venv/bin/activate
Windows (PowerShell)
.\venv\Scripts\Activate.ps1
You can use requirements.txt to install the required modules:
pip3 install -r requirements.txt
First, make sure to review and edit the config.yml with your requirements.
Once you are happy with the configuration, you can run the program:
python3 pacrunch.py