There is a bug with MikroTik ver >7 which wizards don't provide user trace in logs

2025-08-02 17:14:40 +02:00 · 2025-01-10 17:48:23 +03:00 · 2025-01-10 17:48:23 +03:00 · 11b965f1fd
commit 11b965f1fd
parent 95edf659c0
1 changed files with 6 additions and 1 deletions
--- a/py/mules/syslog.py
+++ b/py/mules/syslog.py
@ -22,7 +22,6 @@ except ImportError:
    ISPRO=False
    pass

-import socketserver

 class SyslogUDPHandler(socketserver.BaseRequestHandler):
    def extract_data_from_regex(self,regex,line):
@ -95,6 +94,8 @@ class SyslogUDPHandler(socketserver.BaseRequestHandler):
                    
            elif 'system,info mikrowizard' in message:
                regex= r"system,info mikrowizard\d+: (.*) (changed|added|removed|unscheduled) by (winbox-\d.{1,3}\d\/.*\(winbox\)|mac-msg\(winbox\)|tcp-msg\(winbox\)|ssh|telnet|api|api-ssl|.*\/web|ftp|www-ssl).*:(.*)@(.*) \((.*)\)"
+                #with new versions of mikrotik syslog is not sending the correct trace in message
+                buged_regex=r"system,info mikrowizard\d+: (.*) (changed|added|removed|unscheduled) by  \((.*)\)"
                if re.match(regex, message):
                    info=self.extract_data_from_regex(regex, message)
                    address=info[4].split('/')
@ -116,6 +117,10 @@ class SyslogUDPHandler(socketserver.BaseRequestHandler):
                    elif 'api' in info[2]:
                        ctype='api'
                    db_AA.Account.add_log(dev.id,  info[0], info[1], info[3],message,ctype, address[0], info[5])
+                elif re.match(buged_regex, message):
+                    info=self.extract_data_from_regex(buged_regex,message)
+                    db_AA.Account.add_log(dev.id, info[0], info[1],"Unknown (Mikrotik Bug)",message, config=info[2])
+                    log.error(info)
                elif "rebooted" in message:
                    db_events.state_event(dev.id, "syslog", "Router Rebooted","info",1,info[0])
                elif "resetting system configuration" in message: