TRAPS VDI Tool - CSV file upload failed

Reply
L1 Bithead

TRAPS VDI Tool - CSV file upload failed

ESMCore: 4.1.4

ESMConsole: 4.1.4

Agent: 4.1.4

VDI Tool: 4.1.4

SigCheck: 2.60

 

Hi there,

 

we followed the TRAPS manual for the installation on a VDI Master Image (Windows 10 v1709 Enterprise).

We used the TRAPS VDI Tool to upload the generated SigCheck CSV file, but it shows an error:

 

Parsing of CSV file failed! Please validate the file content.

 

We checked the file, but nothing is wrong with it.

We repeated the upload, but the error persists.

 

Is this a known issue?

 

image.png

 

 

 

Tags (4)
L2 Linker

Re: TRAPS VDI Tool - CSV file upload failed

Hi there,

 

First thing to confirm: are you running the TrapsVDITool from the client where you created the files signatures from?

 

The tool needs to verify the existence of the files and if it cannot “see” any of the files then it reports an error when validating the CSV. I use a bit of PowerShell to modify the CSV to have UNC paths so I can run the verdicting from a machine with the Traps agent installed (also a requirement but the agent needs to be stopped). 

 

Sorry if this is covering old ground but worth asking and verifying before suggesting other things ;)

 

Kind regards.

 

 

L1 Bithead

Re: TRAPS VDI Tool - CSV file upload failed

Hi Glen,

 

yes, we're running the Tool inside the client, where the signatures are created.

 

L2 Linker

Re: TRAPS VDI Tool - CSV file upload failed

Hi there,

 

The error you are getting is indicating that the tool cannot verify any of the files in the CSV. It does this by confirming the files exist.

 

We could try one thing before looking at other options but could you confirm that you are running TrapsVdiTool with the "Run as administrator" option? You should get a different error (Required registry access is not allowed) if this was the case but would like to confirm :)

 

After that lets try something really simple. On the client you are verdicting, put the sigcheck64.exe binary in a folder and just create the CSV for just this one file. Once created run the TrapVdiTool to verdict just this one file.

 

Let us know how this goes,

 

Kind regards.

L1 Bithead

Re: TRAPS VDI Tool - CSV file upload failed

Hi Glen,

 

we tried running the TrapsVDITool with the "Run as administrator" option, same result, "Parsing failed".

We also tried checking only the sigcheck64.exe and uploading the CSV file, also same result, "Parsing failed"

 

:(

L2 Linker

Re: TRAPS VDI Tool - CSV file upload failed

Could you confirm the switches that you used on sigcheck when creating the hashes?

 

Kind regards.

L1 Bithead

Re: TRAPS VDI Tool - CSV file upload failed

Hi Glen,

 

we used the cmd switches described in the PaloAlto Traps 4.1 Administrator Guide.

 

sigcheck /s /c /e /h C:\ > C:\temp\outfilename.csv

 

or

 

sigcheck /s /c /e /h C:\sigcheck\sigcheck64.exe > C:\temp\outfilename.csv

L2 Linker

Re: TRAPS VDI Tool - CSV file upload failed

Could I be as bold to ask if you could upload the output file here? Just the one which has the sigcheck hashes contained in it.

 

Kind regards.

L1 Bithead

Re: TRAPS VDI Tool - CSV file upload failed

Hi Glen,

 

I'm really sorry for the long waiting time, we got really important steps to do till today.

We upgraded to Traps 4.2.1 but the issue remains the same.

 

I upload the .csv file here now.

 

 

L2 Linker

Re: TRAPS VDI Tool - CSV file upload failed

Hi there,

 

Sorry tried to download the file but it doesn't appear to be available. Yes I know I was slow answering this thread and apologise for that :)

 

Kind regards.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!