Closed
Description
Running the gcp_logging_collect recipe I'm encountering the following error:
$ dftimewolf gcp_logging_collect <target_project> 'resource.type="gce_instance" resource.labels.instance_id="<ID>" log_name="projects/<target_project>/logs/cloudaudit.googleapis.com%2Factivity" timestamp>="2023-09-25" timestamp<="2023-10-06"'
[2024-10-08 14:21:04,826] [dftimewolf ] SUCCESS dfTimewolf tool initialized with UUID: c4cbf22a-63ea-4971-ac5c-a953c1669675
[2024-10-08 14:21:04,886] [dftimewolf ] INFO Loading recipe gcp_logging_collect...
[2024-10-08 14:21:05,603] [dftimewolf ] INFO Loaded recipe gcp_logging_collect with 2 modules
[2024-10-08 14:21:05,604] [dftimewolf ] INFO Running preflights...
[2024-10-08 14:21:07,402] [dftimewolf ] INFO Setting up modules...
[2024-10-08 14:21:07,403] [dftimewolf.state ] INFO Setting up module: GCPLogsCollector
[2024-10-08 14:21:07,404] [dftimewolf ] INFO Modules successfully set up!
[2024-10-08 14:21:07,404] [dftimewolf ] INFO Running modules...
[2024-10-08 14:21:07,404] [dftimewolf.state ] INFO Running module: GCPLogsCollector
[2024-10-08 14:21:07,405] [GCPLogsCollector ] SUCCESS Downloading logs to /tmp/tmpngop6aoy.jsonl
[2024-10-08 14:21:08,132] [dftimewolf.state ] CRITICAL An unknown error occurred in module GCPLogsCollector: 'generator' object has no attribute 'pages'
[2024-10-08 14:21:08,134] [dftimewolf.state ] INFO Module GCPLogsCollector finished execution
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR dfTimewolf encountered one or more errors:
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR 1: error from dftimewolf: An unknown error occurred in module GCPLogsCollector: 'generator' object has no attribute 'pages'
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR Traceback (most recent call last):
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR File "/home/user/dftimewolf/dftimewolf/lib/state.py", line 483, in _RunModuleThread
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR self._RunModuleProcess(module)
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR File "/home/user/dftimewolf/dftimewolf/lib/state.py", line 365, in _RunModuleProcess
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR module.Process()
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR File "/home/user/dftimewolf/dftimewolf/lib/collectors/gcp_logging.py", line 203, in Process
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR pages = self.ListPages(logging_client)
[2024-10-08 14:21:08,135] [dftimewolf.state ] ERROR ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[2024-10-08 14:21:08,136] [dftimewolf.state ] ERROR File "/home/user/dftimewolf/dftimewolf/lib/collectors/gcp_logging.py", line 82, in ListPages
[2024-10-08 14:21:08,136] [dftimewolf.state ] ERROR return results.pages
[2024-10-08 14:21:08,136] [dftimewolf.state ] ERROR ^^^^^^^^^^^^^
[2024-10-08 14:21:08,136] [dftimewolf.state ] ERROR AttributeError: 'generator' object has no attribute 'pages'
[2024-10-08 14:21:08,136] [dftimewolf.state ] ERROR
[2024-10-08 14:21:08,136] [dftimewolf.state ] CRITICAL One or more unexpected errors occurred.
[2024-10-08 14:21:08,136] [dftimewolf.state ] CRITICAL Please consider opening an issue: https://github.com/log2timeline/dftimewolf/issues/new
[2024-10-08 14:21:08,136] [dftimewolf ] CRITICAL Critical error found. Aborting.
Note that the /tmp/tmpngop6aoy.jsonlis empty, but running the query 'resource.type="gce_instance" resource.labels.instance_id="<ID>" log_name="projects/<target_project>/logs/cloudaudit.googleapis.com%2Factivity" timestamp>="2023-09-25" timestamp<="2023-10-06"' in the log explore UI it works and returns data.