danielguerra69 / bro-debian-elasticsearch Goto Github PK
View Code? Open in Web Editor NEWbro on debian with elasticsearch support
bro-debian-elasticsearch's People
Contributors
Stargazers
Watchers
Forkers
thebennos aeppert c4bbage oflebbe alxbob akefallonitis poeblu jantoniogc v1k0d3n s4l3h1 christiansib warmiceberg abuameen993 m00zh33 crag-h4kbro-debian-elasticsearch's Issues
Bro 2.5 & E-K 5.1.1
Hello,
did you tested with latest version of E-K?
docker-compose up - FAILURE
I did a clean checkout and docker-compose up, Elastic Search is not coming up.
Below are the logs, need help.
_Attaching to brodebianelasticsearch_elastic-data-node01_1, brodebianelasticsearch_elastic-data-node02_1, brodebianelasticsearch_elastic-data-master_1, brodebianelasticsearch_elasticsearch-master_1, brodebianelasticsearch_kibana-config_1, brodebianelasticsearch_elasticsearch-node02_1, brodebianelasticsearch_elasticsearch-node01_1, brodebianelasticsearch_nginx_1, brodebianelasticsearch_bro-xinitd-forensic_1, brodebianelasticsearch_kibana_1, brodebianelasticsearch_bro-mapping_1
elasticsearch-node02_1 | [2017-07-21 18:56:19,920][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: your kernel is buggy and you should upgrade
elasticsearch-master_1 | [2017-07-21 18:56:17,959][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: your kernel is buggy and you should upgrade
elasticsearch-node02_1 | Exception in thread "main" java.io.FileNotFoundException: /usr/share/elasticsearch/lib/elasticsearch-2.4.1.jar (No such file or directory)
elasticsearch-node01_1 | [2017-07-21 18:56:20,200][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: your kernel is buggy and you should upgrade
elasticsearch-node02_1 | at java.util.zip.ZipFile.open(Native Method)
elasticsearch-node02_1 | at java.util.zip.ZipFile.<init>(ZipFile.java:219)
elasticsearch-node02_1 | at java.util.zip.ZipFile.<init>(ZipFile.java:149)
elasticsearch-master_1 | Exception in thread "main" java.io.FileNotFoundException: /usr/share/elasticsearch/lib/elasticsearch-2.4.1.jar (No such file or directory)
nginx_1 | 2017/07/21 18:56:20 [emerg] 1#1: host not found in upstream "master:9200" in /etc/nginx/nginx.conf:19
nginx_1 | nginx: [emerg] host not found in upstream "master:9200" in /etc/nginx/nginx.conf:19
elasticsearch-node02_1 | at java.util.jar.JarFile.<init>(JarFile.java:166)
elasticsearch-node01_1 | Exception in thread "main" java.io.FileNotFoundException: /usr/share/elasticsearch/lib/elasticsearch-2.4.1.jar (No such file or directory)
elasticsearch-master_1 | at java.util.zip.ZipFile.open(Native Method)
elasticsearch-node02_1 | at java.util.jar.JarFile.<init>(JarFile.java:103)
elasticsearch-node02_1 | at org.elasticsearch.bootstrap.JarHell.checkJarHell(JarHell.java:174)
elasticsearch-node02_1 | at org.elasticsearch.bootstrap.JarHell.checkJarHell(JarHell.java:87)
elasticsearch-node02_1 | at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:180)
elasticsearch-master_1 | at java.util.zip.ZipFile.<init>(ZipFile.java:219)
elasticsearch-master_1 | at java.util.zip.ZipFile.<init>(ZipFile.java:149)
elasticsearch-node02_1 | at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:286)
brodebianelasticsearch_elastic-data-node01_1 exited with code 0
elasticsearch-node01_1 | at java.util.zip.ZipFile.open(Native Method)
elasticsearch-master_1 | at java.util.jar.JarFile.<init>(JarFile.java:166)
elasticsearch-master_1 | at java.util.jar.JarFile.<init>(JarFile.java:103)
elasticsearch-node02_1 | at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:45)
elasticsearch-master_1 | at org.elasticsearch.bootstrap.JarHell.checkJarHell(JarHell.java:174)
elasticsearch-node01_1 | at java.util.zip.ZipFile.<init>(ZipFile.java:219)
elasticsearch-node01_1 | at java.util.zip.ZipFile.<init>(ZipFile.java:149)
elasticsearch-master_1 | at org.elasticsearch.bootstrap.JarHell.checkJarHell(JarHell.java:87)
elasticsearch-node02_1 | Refer to the log for complete error details.
elasticsearch-node01_1 | at java.util.jar.JarFile.<init>(JarFile.java:166)
elasticsearch-master_1 | at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:180)
elasticsearch-master_1 | at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:286)
elasticsearch-node01_1 | at java.util.jar.JarFile.<init>(JarFile.java:103)
elasticsearch-node01_1 | at org.elasticsearch.bootstrap.JarHell.checkJarHell(JarHell.java:174)
elasticsearch-master_1 | at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:45)
elasticsearch-master_1 | Refer to the log for complete error details.
elasticsearch-node01_1 | at org.elasticsearch.bootstrap.JarHell.checkJarHell(JarHell.java:87)
elasticsearch-node01_1 | at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:180)
kibana-config_1 | % Total % Received % Xferd Average Speed Time Time Time Current
brodebianelasticsearch_elastic-data-master_1 exited with code 0
elasticsearch-node01_1 | at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:286)
elasticsearch-node01_1 | at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:45)
elasticsearch-node01_1 | Refer to the log for complete error details.
brodebianelasticsearch_elastic-data-node02_1 exited with code 0
brodebianelasticsearch_elasticsearch-node02_1 exited with code 1
kibana-config_1 | Dload Upload Total Spent Left Speed
brodebianelasticsearch_nginx_1 exited with code 1
brodebianelasticsearch_elasticsearch-master_1 exited with code 1
brodebianelasticsearch_elasticsearch-node01_1 exited with code 1
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0curl: (7) Failed to connect to elasticsearch port 9200: Connection refused
kibana-config_1 | Elasticsearch is unavailable - sleeping
bro-mapping_1 | % Total % Received % Xferd Average Speed Time Time Time Current
bro-mapping_1 | Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (6) Could not resolve host: elasticsearch
bro-mapping_1 | Elasticsearch is unavailable - sleeping
bro-xinitd-forensic_1 | 2017-07-21 18:56:22,849 CRIT Supervisor running as root (no user in config file)
bro-xinitd-forensic_1 | 2017-07-21 18:56:22,858 INFO supervisord started with pid 11
bro-xinitd-forensic_1 | 2017-07-21 18:56:23,860 INFO spawned: 'xinetd' with pid 14
bro-xinitd-forensic_1 | 2017-07-21 18:56:23,862 INFO spawned: 'apache2' with pid 15
bro-xinitd-forensic_1 | 2017-07-21 18:56:25,077 INFO success: xinetd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
bro-xinitd-forensic_1 | 2017-07-21 18:56:25,077 INFO success: apache2 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
bro-xinitd-forensic_1 | 2017-07-21 18:56:25,099 INFO exited: apache2 (exit status 0; expected)
kibana-config_1 | % Total % Received % Xferd Average Speed Time Time Time Current
kibana-config_1 | Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (7) Failed to connect to elasticsearch port 9200: Connection refused
kibana-config_1 | Elasticsearch is unavailable - sleeping_
bro does not start
In bro-extra
@load policy/protocols/conn/mac-logging
the file is not available in the container
tcprs
bro in the forensic container does not work since it still references tcprs. (In bro-extra first line)
Can't see any logs in kibana
I setup a 3 elk cluster kibana and bro with xinetd-elasticsearch role i send traffic with /dev/stdout but i can't see any logsin kibana. Any advice?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.