
Overview

AutoPentestX generates detailed logs for every scan, capturing all operations, errors, and diagnostic information. Logs are essential for debugging, audit trails, and understanding scan behavior.

Log Locations

All logs are stored in the logs/ directory with timestamped filenames:
logs/
└── autopentestx_20251130_143015.log
Naming Convention: autopentestx_{YYYYMMDD}_{HHMMSS}.log

Log Levels

AutoPentestX uses standard logging levels to categorize messages:
| Level | Symbol | Usage | Example |
|---|---|---|---|
| INFO | [*] | General information | [*] Scanning all TCP ports... |
| SUCCESS | [✓] | Successful operations | [✓] Port 80/tcp open - http |
| WARNING | [!] | Important notices | [!] Metasploit not found |
| ERROR | [✗] | Operation failures | [✗] Error connecting to target |
| DEBUG | [DEBUG] | Detailed diagnostics | [DEBUG] Raw response: ... |

Log Structure

Logs follow a structured format with clear phase separation:
╔═══════════════════════════════════════════════╗
║        AutoPentestX - Scan Execution         ║
╚═══════════════════════════════════════════════╝

[STEP 1] Initializing scan...
[✓] Database connected: database/autopentestx.db
[✓] Scan ID: 1

[STEP 2] Network Scanning...
============================================================
AutoPentestX - Network Scanner
============================================================
Target: 192.168.1.100
Scan started: 2025-11-30 14:30:15

[*] Detecting operating system...
[✓] OS Detected: Linux Ubuntu 20.04

[STEP 3] Vulnerability Scanning...
...

Scan Phases in Logs

[STEP 1] Initializing scan...
[✓] Database connected: database/autopentestx.db
[✓] Database tables created successfully
[✓] Scan ID: 1
Captures:
  • Database connection status
  • Table creation
  • Scan ID assignment
[STEP 2] Network Scanning...
[*] Detecting operating system for 192.168.1.100...
[✓] OS Detected: Linux Ubuntu 20.04 (Accuracy: 95%)

[*] Scanning all TCP ports on 192.168.1.100...
[✓] Port 22/tcp open - ssh OpenSSH 8.2p1
[✓] Port 80/tcp open - http Apache httpd 2.4.41
[✓] Port scan completed in 45.23 seconds
[✓] Total open ports found: 5
Captures:
  • OS detection results
  • Port discovery progress
  • Service enumeration
  • Scan duration
[STEP 3] Vulnerability Scanning...
[*] Checking for common vulnerabilities...
[!] Found: Outdated SSH Version on port 22
[!] Found: Outdated Apache Server on port 80

[*] Running Nikto scan on http://192.168.1.100:80...
[✓] Nikto scan completed: 5 vulnerabilities found

[*] Scanning for SQL injection...
[✓] SQL injection scan completed: 1 vulnerabilities found
Captures:
  • Vulnerability detection
  • Web scanner (Nikto) output
  • SQL injection testing results
[STEP 4] CVE Database Lookup...
[*] Checking port 22: ssh OpenSSH 8.2p1
[*] Searching CVEs for: openssh 8.2p1
[✓] Found 3 relevant CVEs for openssh
  [!] CVE-2021-41617 - CVSS: 7.0 (HIGH)
  [!] CVE-2020-15778 - CVSS: 6.8 (MEDIUM)
Captures:
  • CVE search queries
  • Matched CVE identifiers
  • CVSS scores and severity
[STEP 5] Risk Assessment...
[!] HIGH RISK: Port 80 - http (Score: 8.5/10)
[!] HIGH RISK: Port 443 - ssl/http (Score: 8.2/10)
[!] CRITICAL: SQL Injection vulnerabilities found: 1

Overall Risk Level: HIGH
Total Risk Score: 42.3
Captures:
  • Per-port risk scores
  • Critical findings
  • Overall risk calculation
[STEP 6] Exploitation Assessment (Safe Mode)...
[✓] Exploit matched: apache_mod_cgi_bash_env_exec for port 80

[*] Running in SAFE MODE - No actual exploitation will occur
[*] Simulating exploit: exploit/multi/http/apache_mod_cgi_bash_env_exec
[✓] Metasploit RC script saved: exploits/exploit_192.168.1.100_80.rc
[*] Port 80: apache_mod_cgi_bash_env_exec - SIMULATED
Captures:
  • Exploit matching results
  • Safe mode confirmations
  • RC script generation
  • Simulation status
[STEP 7] Generating PDF Report...
[*] Adding cover page...
[*] Adding executive summary...
[*] Adding vulnerabilities...
[*] Building PDF document...

============================================================
PDF REPORT GENERATED SUCCESSFULLY
============================================================
Report saved to: reports/AutoPentestX_Report_192_168_1_100.pdf
File size: 245.67 KB
Captures:
  • PDF section generation
  • File save location
  • Report file size

Viewing Logs

Real-Time Monitoring

python3 main.py -t 192.168.1.100
# Logs displayed in terminal

Post-Scan Analysis

# View entire log
cat logs/autopentestx_20251130_143015.log

# View with pager
less logs/autopentestx_20251130_143015.log

# Search for errors
grep "\[✗\]" logs/autopentestx_20251130_143015.log

# Search for warnings
grep "\[!\]" logs/autopentestx_20251130_143015.log

Common Log Messages

Success Messages

[✓] Database connected: database/autopentestx.db
[✓] OS Detected: Linux Ubuntu 20.04 (Accuracy: 95%)
[✓] Port 80/tcp open - http Apache httpd 2.4.41
[✓] Nikto scan completed: 5 vulnerabilities found
[✓] PDF REPORT GENERATED SUCCESSFULLY

Warning Messages

[!] Metasploit not found - Exploitation features limited
[!] Found: Outdated SSH Version on port 22
[!] HIGH RISK: Port 80 - http (Score: 8.5/10)
[!] CRITICAL: SQL Injection vulnerabilities found: 1
[!] Skipping potentially dangerous exploit: ms17_010_eternalblue

Error Messages

[✗] Database connection error: unable to open database file
[✗] Error connecting to target: Connection timed out
[✗] Nikto scan failed: nikto command not found
[✗] Error inserting vulnerability: constraint failed
[✗] Error generating PDF report: Permission denied

Debugging with Logs

Connection Issues

Search for connection problems:
grep -i "connection\|timeout\|refused" logs/autopentestx_*.log
Common patterns:
[✗] Error connecting to target: Connection refused
[✗] Nikto scan timeout after 300 seconds
[!] Target may have firewall blocking scans

Missing Dependencies

Identify missing tools:
grep -i "not found\|not installed\|missing" logs/autopentestx_*.log
Common patterns:
[!] Metasploit not found - Exploitation features limited
[✗] Nikto scan failed: nikto command not found
[✗] nmap: command not found

Database Errors

Track database issues:
grep -i "database\|sqlite" logs/autopentestx_*.log
Common patterns:
[✗] Database connection error: unable to open database file
[✗] Error inserting port: UNIQUE constraint failed
[✗] Error updating scan: no such column: risk_score

Performance Analysis

Extract timing information:
grep -i "completed in\|duration\|seconds" logs/autopentestx_*.log
Example output:
[✓] Port scan completed in 45.23 seconds
[✓] Scan Duration: 287.45 seconds (4.79 minutes)

Log Rotation

Logs accumulate over time. Implement rotation to manage disk space:

Manual Cleanup

# Delete logs older than 30 days
find logs/ -name "autopentestx_*.log" -mtime +30 -delete

# Archive old logs (the originals are removed only if the archive was written)
tar -czf "logs_archive_$(date +%Y%m%d).tar.gz" logs/*.log && rm logs/*.log

Automated Rotation Script

#!/bin/bash
# log_rotate.sh

LOG_DIR="logs"
ARCHIVE_DIR="logs/archive"
DAYS_TO_KEEP=30

mkdir -p "$ARCHIVE_DIR"

# Archive logs older than $DAYS_TO_KEEP days
# (-maxdepth 1 keeps find from descending into logs/archive)
find "$LOG_DIR" -maxdepth 1 -name "autopentestx_*.log" -mtime +"$DAYS_TO_KEEP" \
  -exec mv {} "$ARCHIVE_DIR/" \;

# Compress archived logs
find "$ARCHIVE_DIR" -name "*.log" -exec gzip {} \;

echo "Log rotation completed"
Consider setting up a cron job to run log rotation weekly or monthly depending on scan frequency.

Log Analysis Tools

Extract Scan Summary

#!/bin/bash
# extract_summary.sh

# Abort with a usage message if no log file is given
LOG_FILE="${1:?usage: extract_summary.sh LOG_FILE}"

echo "=== Scan Summary ==="
grep "Target:" "$LOG_FILE" | head -1
grep "Scan ID:" "$LOG_FILE" | head -1
grep "Overall Risk Level:" "$LOG_FILE"
grep "Total Vulnerabilities:" "$LOG_FILE"
grep "Duration:" "$LOG_FILE"
echo "==================="
Usage:
./extract_summary.sh logs/autopentestx_20251130_143015.log

Count Vulnerabilities

# Count vulnerability severity
grep -o "CVSS: [0-9.]*" logs/autopentestx_*.log | \
  awk '{print $2}' | \
  awk '{if($1>=9)print "CRITICAL"; \
        else if($1>=7)print "HIGH"; \
        else if($1>=4)print "MEDIUM"; \
        else print "LOW"}' | \
  sort | uniq -c

Generate Activity Report

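# List all scans with timestamps
# -H forces the filename prefix even when only one log matches;
# after splitting on ":", fields 3-5 hold the date and time
grep -H "Scan started:" logs/autopentestx_*.log | \
  awk -F: '{print $1 " -" $3":"$4":"$5}'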

Best Practices

  1. Review Logs After Each Scan: Check for errors or warnings
  2. Archive Important Scans: Save logs for compliance/audit purposes
  3. Monitor Disk Space: Logs can grow large over time
  4. Use Log Levels: Pay attention to [✗] and [!] symbols
  5. Correlate with Database: Use Scan ID to match logs with database entries

Troubleshooting Common Issues

Possible causes:
  • Logs directory doesn’t exist
  • Insufficient permissions
Solution:
mkdir -p logs
chmod 755 logs
Cause: Insufficient file system permissions
Solution:
# Check permissions
ls -la logs/ reports/ database/

# Fix permissions
chmod -R 755 logs reports database
Cause: Timestamp mismatch or incorrect directory
Solution:
# List all logs sorted by date
ls -lt logs/

# Find logs by scan target
grep -l "192.168.1.100" logs/*.log
Cause: Long-running scans or no log rotation
Solution:
# Check disk usage
du -sh logs/

# Compress old logs
gzip logs/*.log

# Implement log rotation (see above)

Integration with External Tools

Send to Syslog

logger -f logs/autopentestx_20251130_143015.log -t autopentestx

Parse with Python

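def parse_log(log_file):
    # The log contains non-ASCII symbols ([✓], [✗]); read it as UTF-8
    # instead of relying on the locale default
    with open(log_file, 'r', encoding='utf-8') as f:
        for line in f:
            if '[✗]' in line:
                # Operation failures
                print(f"Error: {line.strip()}")
            elif 'CRITICAL' in line or 'HIGH' in line:
                # High-severity findings and risk ratings
                print(f"Alert: {line.strip()}")

parse_log('logs/autopentestx_20251130_143015.log')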

Export to JSON

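import json

def extract_structured_data(log_file):
    data = {'errors': [], 'warnings': [], 'vulnerabilities': []}

    # The log contains non-ASCII symbols ([✓], [✗]); read it as UTF-8
    with open(log_file, 'r', encoding='utf-8') as f:
        for line in f:
            if '[✗]' in line:
                data['errors'].append(line.strip())
            elif '[!]' in line and 'CVE' in line:
                # CVE matches are logged at warning level
                data['vulnerabilities'].append(line.strip())
            elif '[!]' in line:
                # All remaining warning-level lines
                data['warnings'].append(line.strip())

    return json.dumps(data, indent=2)

print(extract_structured_data('logs/autopentestx_20251130_143015.log'))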
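
A phase-aware variant of the parsing above, added here as an example and not part of AutoPentestX: it groups lines under their [STEP n] header, classifies each line by the symbol at its start (so a message that merely contains the word HIGH is not counted as an alert), and extracts CVE IDs with their CVSS scores. The function names and the sample lines are assumptions, constructed from the message formats shown on this page.

```python
import re
from collections import Counter

# Symbol-to-level mapping taken from the Log Levels table on this page.
LEVELS = {"[*]": "INFO", "[✓]": "SUCCESS", "[!]": "WARNING",
          "[✗]": "ERROR", "[DEBUG]": "DEBUG"}
STEP_RE = re.compile(r"^\[STEP (\d+)\]\s*(.+?)\.*$")
LEVEL_RE = re.compile(r"^\s*(\[(?:\*|✓|!|✗|DEBUG)\])\s*(.*)$")
CVE_RE = re.compile(r"(CVE-\d{4}-\d{4,})\s*-\s*CVSS:\s*(\d+(?:\.\d+)?)")

# Constructed sample, assembled from message formats shown on this page.
SAMPLE = """\
[STEP 2] Network Scanning...
[✓] Port 22/tcp open - ssh OpenSSH 8.2p1
[✓] Port 8080/tcp open - http HIGH-PERF proxy
[✗] Error connecting to target: Connection timed out
[STEP 4] CVE Database Lookup...
  [!] CVE-2021-41617 - CVSS: 7.0 (HIGH)
  [!] CVE-2020-15778 - CVSS: 6.8 (MEDIUM)
"""

def severity(cvss):
    """Same CVSS bands as the awk one-liner under Count Vulnerabilities."""
    return ("CRITICAL" if cvss >= 9 else "HIGH" if cvss >= 7
            else "MEDIUM" if cvss >= 4 else "LOW")

def parse_scan_log(lines):
    """Group level-tagged lines by [STEP n] phase and collect CVE findings."""
    phases, cves, current = [], [], None
    for line in lines:
        step = STEP_RE.match(line)
        if step:
            current = {"step": int(step.group(1)), "name": step.group(2),
                       "levels": Counter(), "errors": []}
            phases.append(current)
            continue
        tagged = LEVEL_RE.match(line)
        if not tagged or current is None:
            continue  # banners, separators, blank or untagged lines
        level, message = LEVELS[tagged.group(1)], tagged.group(2)
        current["levels"][level] += 1
        if level == "ERROR":
            current["errors"].append(message)
        cve = CVE_RE.search(message)
        if level == "WARNING" and cve:
            score = float(cve.group(2))
            cves.append({"step": current["step"], "id": cve.group(1),
                         "cvss": score, "severity": severity(score)})
    return phases, cves
```

Pass an open log file (read as UTF-8) or `SAMPLE.splitlines()` to `parse_scan_log`; the returned phase list and CVE list can be serialized with `json.dumps` after converting each `levels` counter to a `dict`.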
