# Cloudflare Web Application Firewall downloader
![Build Status](https://github.com/MihaiBojin/waf-downloader/actions/workflows/python-tests.yml/badge.svg)
[![PyPI version](https://badge.fury.io/py/waf-downloader.svg)](https://badge.fury.io/py/waf-downloader)
[![Python Versions](https://img.shields.io/pypi/pyversions/waf-downloader.svg)](https://pypi.org/project/waf-downloader/)
[![License](https://img.shields.io/github/license/MihaiBojin/waf-downloader.svg)](LICENSE)
A library, CLI, and docker image that downloads Cloudflare WAF logs for a specified zone_id and time frame.
## Schema
See [src/waf_logs/resources/db/](./src/waf_logs/resources/db) for a list of schemas that are auto-applied at start. This can be disabled by passing `--ensure_schema False`.
## Quickstart
The project is published at <https://pypi.org/project/waf-downloader/>.
Install it via:
```shell
pip install waf-downloader
# or alternatively, directly from git
pip install "git+https://github.com/MihaiBojin/waf-downloader@main"
```
Or with Docker:
```shell
docker pull ghcr.io/mihaibojin/waf-downloader:latest
```
The list of published images can be found at:
<https://github.com/MihaiBojin/waf-downloader/pkgs/container/waf-downloader>
### Build and run with Docker
Define secrets in an `.env` file (do not quote values):
```properties
CLOUDFLARE_TOKEN=...
DB_CONN_STR=...
```
The Cloudflare token is required, but the connection string is optional.
If skipped, it will result in logs being printed to stdout.
IMPORTANT: This project uses [taskfile.dev](https://taskfile.dev/installation/),
which you will need to install for running the following commands:
```shell
# Build
task docker-build
# Load all logs in zone, starting 5 minutes prior
task docker-run ARGS="--zone_id [CLOUDFLARE_ZONE_ID] --start_minutes_ago -5"
# And alternatively, only output the logs
task docker-run ARGS="--zone_id [CLOUDFLARE_ZONE_ID] --start_minutes_ago -5" 2>/dev/null
```
## Publishing to PyPI
### GitHub-based version publishing
The simplest way to publish a new version (if you have committer rights) is to tag a commit and push it to the repo:
```shell
# At a certain commit, ideally after merging a PR to main
git tag v0.1.x
git push origin v0.1.x
```
A [GitHub Action](https://github.com/MihaiBojin/waf-downloader/actions) will run, build the library and publish it to the PyPI repositories.
### Manual publish
These steps can also be performed locally. For these commands to work, you will need to export two environment variables (or define them in `.env`):
```shell
export TESTPYPI_PASSWORD=... # token for https://test.pypi.org/legacy/
export PYPI_PASSWORD=... # token for https://upload.pypi.org/legacy/
```
First, publish to the test repo and inspect the package:
```shell
task publish-test
```
If correct, distribute the wheel to the PyPI index:
```shell
task publish
```
Verify the distributed code
```shell
task publish-verify
```
## Cloudflare WAF documentation
- <https://developers.cloudflare.com/analytics/graphql-api/tutorials/querying-firewall-events>
- <https://developers.cloudflare.com/analytics/graphql-api/tutorials/export-graphql-to-csv/>
Raw data
{
"_id": null,
"home_page": null,
"name": "waf-downloader",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": null,
"keywords": "application, cloudflare, download, firewall, logs, waf, web",
"author": null,
"author_email": "Mihai Bojin <557584+MihaiBojin@users.noreply.github.com>",
"download_url": "https://files.pythonhosted.org/packages/7a/4a/28220943e4565634286ab732d51c7a22a2bf5cb253aab3c10cf2030cda6b/waf_downloader-0.1.6.tar.gz",
"platform": null,
"description": "# Cloudflare Web Application Firewall downloader\n\n![Build Status](https://github.com/MihaiBojin/waf-downloader/actions/workflows/python-tests.yml/badge.svg)\n[![PyPI version](https://badge.fury.io/py/waf-downloader.svg)](https://badge.fury.io/py/waf-downloader)\n[![Python Versions](https://img.shields.io/pypi/pyversions/waf-downloader.svg)](https://pypi.org/project/waf-downloader/)\n[![License](https://img.shields.io/github/license/MihaiBojin/waf-downloader.svg)](LICENSE)\n\nA library, CLI, and docker image that downloads Cloudflare WAF logs for a specified zone_id and time frame.\n\n## Schema\n\nSee [src/waf_logs/resources/db/](./src/waf_logs/resources/db) for a list of schemas that are auto-applied at start. This can be disabled by passing `--ensure_schema False`.\n\n## Quickstart\n\nThe project is published at <https://pypi.org/project/waf-downloader/>.\n\nInstall it via:\n\n```shell\npip install waf-downloader\n\n# or alternatively, directly from git\npip install \"git+https://github.com/MihaiBojin/waf-downloader@main\"\n```\n\nOr with Docker:\n\n```shell\ndocker pull ghcr.io/mihaibojin/waf-downloader:latest\n```\n\nThe list of published images can be found at:\n<https://github.com/MihaiBojin/waf-downloader/pkgs/container/waf-downloader>\n\n### Build and run with Docker\n\nDefine secrets in an `.env` file (do not quote values):\n\n```properties\nCLOUDFLARE_TOKEN=...\nDB_CONN_STR=...\n```\n\nThe Cloudflare token is required, but the connection string is optional.\nIf skipped, it will result in logs being printed to stdout.\n\nIMPORTANT: This project uses [taskfile.dev](https://taskfile.dev/installation/),\nwhich you will need to install for running the following commands:\n\n```shell\n# Build\ntask docker-build\n\n# Load all logs in zone, starting 5 minutes prior\ntask docker-run ARGS=\"--zone_id [CLOUDFLARE_ZONE_ID] --start_minutes_ago -5\"\n\n# And alternatively, only output the logs\ntask docker-run ARGS=\"--zone_id [CLOUDFLARE_ZONE_ID] --start_minutes_ago -5\" 2>/dev/null\n```\n\n## Publishing to PyPI\n\n### GitHub-based version publishing\n\nThe simplest way to publish a new version (if you have committer rights) is to tag a commit and push it to the repo:\n\n```shell\n# At a certain commit, ideally after merging a PR to main\ngit tag v0.1.x\ngit push origin v0.1.x\n```\n\nA [GitHub Action](https://github.com/MihaiBojin/waf-downloader/actions) will run, build the library and publish it to the PyPI repositories.\n\n### Manual publish\n\nThese steps can also be performed locally. For these commands to work, you will need to export two environment variables (or define them in `.env`):\n\n```shell\nexport TESTPYPI_PASSWORD=... # token for https://test.pypi.org/legacy/\nexport PYPI_PASSWORD=... # token for https://upload.pypi.org/legacy/\n```\n\nFirst, publish to the test repo and inspect the package:\n\n```shell\ntask publish-test\n```\n\nIf correct, distribute the wheel to the PyPI index:\n\n```shell\ntask publish\n```\n\nVerify the distributed code\n\n```shell\ntask publish-verify\n```\n\n## Cloudflare WAF documentation\n\n- <https://developers.cloudflare.com/analytics/graphql-api/tutorials/querying-firewall-events>\n- <https://developers.cloudflare.com/analytics/graphql-api/tutorials/export-graphql-to-csv/>\n",
"bugtrack_url": null,
"license": null,
"summary": "Web Application Firewall logs downloader.",
"version": "0.1.6",
"project_urls": {
"Bug reports": "https://github.com/MihaiBojin/waf-downloader/issues/new",
"Documentation": "https://github.com/MihaiBojin/waf-downloader/blob/main/python/README.md",
"Source": "https://github.com/MihaiBojin/waf-downloader"
},
"split_keywords": [
"application",
" cloudflare",
" download",
" firewall",
" logs",
" waf",
" web"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "ebf835671bc644b64b90ccc46a5df89919361cba13eaf7f9ca6ceb7ad6889c21",
"md5": "cf236d7d78dc9432e20b55e8ef89ae0c",
"sha256": "2b0c1e339adac6ca7da31fe2c1cc0d5ce91f2ecb1da30ed95dcbd378f80e77d4"
},
"downloads": -1,
"filename": "waf_downloader-0.1.6-py3-none-any.whl",
"has_sig": false,
"md5_digest": "cf236d7d78dc9432e20b55e8ef89ae0c",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9",
"size": 19399,
"upload_time": "2024-09-18T15:39:48",
"upload_time_iso_8601": "2024-09-18T15:39:48.203187Z",
"url": "https://files.pythonhosted.org/packages/eb/f8/35671bc644b64b90ccc46a5df89919361cba13eaf7f9ca6ceb7ad6889c21/waf_downloader-0.1.6-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "7a4a28220943e4565634286ab732d51c7a22a2bf5cb253aab3c10cf2030cda6b",
"md5": "2a1b6ac5b4891b269017607c1307ed23",
"sha256": "e8483a5c41aab22ffaac6a554921930069f97fcd7d6f02bb3e4c39f4a22a5c3f"
},
"downloads": -1,
"filename": "waf_downloader-0.1.6.tar.gz",
"has_sig": false,
"md5_digest": "2a1b6ac5b4891b269017607c1307ed23",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 21276,
"upload_time": "2024-09-18T15:39:49",
"upload_time_iso_8601": "2024-09-18T15:39:49.605588Z",
"url": "https://files.pythonhosted.org/packages/7a/4a/28220943e4565634286ab732d51c7a22a2bf5cb253aab3c10cf2030cda6b/waf_downloader-0.1.6.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-09-18 15:39:49",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "MihaiBojin",
"github_project": "waf-downloader",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "boto3",
"specs": [
[
"==",
"1.35.21"
]
]
},
{
"name": "more_itertools",
"specs": [
[
"==",
"10.5.0"
]
]
},
{
"name": "psycopg-binary",
"specs": [
[
"==",
"3.2.2"
]
]
},
{
"name": "psycopg",
"specs": [
[
"==",
"3.2.2"
]
]
},
{
"name": "psycopg_pool",
"specs": [
[
"==",
"3.2.3"
]
]
},
{
"name": "requests",
"specs": [
[
"==",
"2.32.3"
]
]
}
],
"lcname": "waf-downloader"
}