Announcing PyLogsParser 0.4

  • Sharebar

Wallix logo Wallix LogBox team is happy to announce version 0.4 of PyLogsParser.

New normalizers

  • Wallix AdminBastion authentication logs, written by Nassim Babaci
  • Cisco ASA logs.
  • Dansguardian logs.


  • Adds Common Callbacks facility : a library of functions that are ready to
    use in normalizers. Most of them involve the parsing of various common date
  • Adds Final Callback facility : it is now possible to call a callback function
    at the end of the normalization process (if one of the normalizer’s patterns
    has been applied successfully). This is useful to compute a tag from several
    others’ values, for example.
  • Adds “extras” library to use in callbacks. It allows to move some logic
    outside of a normalizer’s definition. This can lead to a significant
    performance boost.
  • Adds a “taxonomy” tag to existing normalizers to allow classification
    per application type.
  • Adds normalizer timing utility (contributed by Jean-Fran├žois Taltavull).
  • Adds utility to check common tagging per taxonomy. Ideally normalizers
    under the same taxonomy should have a common pool of tags.


  • S3 normalizer is 70 times faster than before (contributed by Jean-Fran├žois Taltavull).
  • Significant speedup in URLparser and UserAgent normalizers thanks to the
    “extras” library.
  • Bing bot added to bots list
  • FTPd normalizer turned into the more generic xferlog normalizer.


  • Fixes DenyAll normalizers as much as possible given the available documentation.
  • Fixes incorrect regular expression used for MAC addresses.


  • Removes faulty MySQL normalizer.


  • Documentation is up to date.
  • Test suite is up to date.

Details and download

Full changelog is available on github. The tar ball version can be dowloaded on github download area.

Incoming search terms:

  • babaci wallix
  • nassim wallix
This entry was posted in development, log and tagged , , . Bookmark the permalink.