Artifact Download of completed scan is failing

[DanBrown47]

Steps to Reproduce

1. Initialize docker compose ( From latest version )
2. Navigate to localhost:3000 and complete a scan, I have used my own aws account
3. Click on Export Artifacts -> Download as .zip
4. Download failed | Fail to fetch report is seen

Expected behavior

The artifact should start to download

Actual Result with Screenshots or Logs

prowler_logs_scan_fail.txt

How did you install Prowler?

Cloning the repository from github.com (git clone)

Environment Resource

1. Running on a Personal PC with Linux Environment ( POP OS 22.04 Debian Based )
2. Running latest version of Docker Engine

OS used

PoP OS 22.04

Prowler version

5.4.0

Pip version

25.0.1

Context

Not sure why 404 is showing in the logs. the app should be retrieving the same

[HugoPBrito]

Hi @DanBrown47,

Thanks for reporting this issue, we'll take a look at it as soon as possible and get back to you.

[HugoPBrito]

@DanBrown47,

That 404 error could happen if:

• The task is still processing and hasn’t finished yet.
• Something failed during the report generation.

To help us debug, could you share the worker log? We need it to understand what happened.

Also, if you’ve run multiple scans in parallel, this might be related to a bug we’re fixing in the upcoming v5.4.1 release.

[DanBrown47]

@HugoPBrito

I have attached the logs in the actual results section

About the other queries

• The task have completed processing, if the case was still processing I believe that the button will not be active, I have marked the same within the screenshot

• Multiple scans were not running in parallel, A schedule scan is present as usual

Thanks for the prompt response

[HugoPBrito]

Hi @DanBrown47,

My bad, I didn't see them. We'll get back to you soon.

[HugoPBrito]

Hi @DanBrown47,

My bad, I didn't see them. We'll get back to you soon.

It seems there was a misunderstanding.

You provided the api logs, but we actually need the worker logs to understand what went wrong. Could you please share the worker logs when you have a chance? This will help us investigate the issue more effectively.

Despite that, based on the current information, it’s likely related to the error I mentioned earlier, which we’re addressing in the upcoming 5.4.1 release. However, to confirm this and ensure there isn’t a new bug we’re unaware of, please share the worker logs when you can. Without them, it’s difficult for us to take further action.

Thanks for your help, and let us know if you have any questions!

[mathiznogoud]

Hi @HugoPBrito , I'm facing the same issue,
Please review the API log and Worker log below. I'm currently running the latest version

api-logs.txt
worker-logs.txt

[HugoPBrito]

Hi @DanBrown47,

Did you try it in latest v5.4.1?

[lucas-opennet]

Running into the same error @HugoPBrito

[HugoPBrito]

Running into the same error @HugoPBrito

Hi @lucas-opennet,
I'm sorry to hear you're experiencing this issue too. Could you confirm if you're using v5.4.1? Additionally, would you be able to share your worker logs with us as well?

Thanks for your help with this, and thank you for using Prowler! We appreciate your support and patience as we work to resolve this issue. Please don't hesitate to reach out if you need anything else.

[lucas-opennet]

Yes @HugoPBrito. Using v5.4.1

Please find the api logs here and the worker here

[AdriiiPRodri]

Hi guys,

It seems that there are no apparent errors related to the export functionality in the logs that you send us.

In order to help you we need to make a call to the API task endpoint, so we can see the status of the task. To do this we are going to execute the following (replacing the username and password):

curl --location 'localhost:8080/api/v1/tokens' \
--header 'Content-Type: application/vnd.api+json' \
--header 'Accept: application/vnd.api+json' \
--data-raw '{
  "data": {
    "type": "tokens",
    "attributes": {
      "email": "YOUR_USER_EMAIL",
      "password": "YOUR_USER_PASSWORD"
    }
  }
}'

Next we make a call to the tasks endpoint, using the access token:

curl --location --globoff 'localhost:8080/api/v1/tasks?filter[name]=scan-report' \
--header 'Accept: application/vnd.api+json' \
--header 'Authorization: Bearer ACCESS_TOKEN' | jq

Note: If you don't have jq installed just run the command without | jq.

Finally share the output with us please, if you have any questions about the process do not hesitate to ask.

Regards

[mathiznogoud]

hi @AdriiiPRodri , please find the result of the call to task API endpoint. I'm using the admin credentials

api_results.json

[AdriiiPRodri]

Hi @mathiznogoud,

This one helps us a lot, apparently the user that raises prowler does not have permissions to write in /tmp, until now we did not have this possibility but a user without privileges on this directory can have this problem.

In this case we can change the output directory of the API artifacts, for this we have to modify the .env file in the root of the project, in particular we will modify this line:

# The path to the directory where scan output should be stored.
DJANGO_TMP_OUTPUT_DIRECTORY="/tmp/prowler_api_output”

And change it to a path where we have permissions.

We must also change the mapping of docker to your local file system (using the previous path), for this we will have to modify the docker-compose.yml file, the volumes part, both the API and the worker, taking into account that the left part refers to your local file system:

Then we will deploy Prowler again and try again.

I hope this solves your problem, we will take into account this problem for future versions, any doubt don't hesitate to ask.