So I'm using Lynis to audit a system. It generates a log: /var/log/lynis.log and I'm trying to figure out how to convert the .log into a .csv. I'm looking for a script.

Welcome.

(I'm not sure what lynis tells you that you wouldn't already know about your own system if you are the sysadmin already, especially if you have installed it yourself.)

The generic answer is to quickly make something to extract the data you are looking for using awk. However, the data recorded in lynis.log does not lend itself to columnar formats, so tsv and csv are not really appropriate.

What are your goals with this? What are you aiming to extract from the log file?

You're absolutely right Lynis tells me everything I need to know, but the ISSO for the project would like to view it in a .csv file. She believes it would be easier for her to read. I'm trying to figure out a solution to the problem she brought to me.

The log file is just a mass of text. It's not columnar at all.
So please say which data you want extracted from the file and how you want it in columns.

Otherwise a functional but flippant answer is the following solution to the problem she brought to you:

To me, it's simple. Summarizing:

• The ISSO asked you for relevant auditing data
• You provided said data in an accurate, timely manner
• Your problems are over..your job has been done.

Her preferences for the data are irrelevant, and dovetailing on what others have said, the data isn't in columns/rows, so it doesn't lend itself to be CSV'ed in any readable manner. So unless she can explicitly tell you what data she wants, formatted how, based on what criteria, there's not much you can do to guess about what she'd 'prefer'.

That said, until you define what she wants and how she wants it, you sure won't be able to even begin to write a script. Can you show us what you've done/tried to get this into CSV so far, and provide some sample input data??? The "Question Guidelines" would be a good thing to look over.

As per the excellent advice above, you need to sit down with the ISSO and explain the problem and between you agree what data she wants that is actually available, and in what format.
Potentially a nice program to write; the sort of thing I used to enjoy doing in Perl;.


PS: definitely get the requirement in writing.....

1 members found this post helpful.

Agreed, perl is excellent at stuff like this. My language of choice for such things typically as well. And I've dealt with those upper-management types too, who "need" the report in xxx format, because they don't LIKE something else/PDF's/text/graphs/whatever. Got fed up at a corporate job years ago, submitted everything, and flat refused to change it. Got called out in the big meeting to present the data, to which I responded "You asked for the data; I gave you exactly what was asked for, so can you please explain why it's a problem to read a PDF but it's better if it's a Word document with the font you wanted?" Got pretty good laughs from the whole room, and the upper manager had to backpedal nicely. Tried to give me grief later, but the CYA documents shut them down. I made it a point to send him EVERYTHING in PDF format (even spreadsheets) from then on.
This...+100. Otherwise, you'll be making changes for weeks with "can we add xx? Move Y? Different font?", etc., etc. Hard requirements can't be dodged, and if you're asked later, you can say "Well, I delivered what was asked for in the time required...I can make changes if time permits, but I have my regular job to do, but if you can get my boss to OK me doing this, I'm happy to".