Panther Knowledge Base

Troubleshooting CLI errors with "pantherlog parse"

Issue

When trying to parse a log file using pantherlog, I see one of the following errors:

  1. no schema entry for "test.yml", from the command $ pantherlog parse --schemas test.yml test.csv
  2. invalid stream type "csv" (or whichever type you specified), from the command $ pantherlog parse --stream csv test.csv
  3. WARN classification failure [followed by lots of output], from the command $ pantherlog parse test.csv test.yml

Resolution

To resolve this issue, try the command below, which is the basic command for parsing a file. This is also documented here; note that the --schemas option is optional.

$ pantherlog parse --path test.yml test.csv

Cause

  1. The --schemas option checks for schemas that came with Panther. To designate a schema of your own choice to use with this parse operation, use the --path option.
  2. CSV isn't a stream type that pantherlog knows how to use. Run pantherlog --help to see a list of valid stream types.
  3. At least one option is missing here. See the command under Resolution for an example of a command that could work with valid files, or run pantherlog --help to see the recommended way to order the commands and options.
