training's Introduction

Gravwell Open-Source Code

This repository contains open-sourced libraries and commands developed by Gravwell.

There is a selection of Gravwell-specific libraries and tools:

  • ingest/ contains the ingest library, which is used to connect to a Gravwell indexer and upload data.
  • ingesters/ contains the source code for Gravwell ingesters.
  • generators/ is a collection of tools that generate artificial data for testing Gravwell or any other log analytics system.
  • manager/ provides a very simple init command which we use in Docker containers.
  • chancacher/ implements a caching library we use for ingesters.

There are also a few libraries which may be of use outside Gravwell-specific applications:

  • filewatch/ is a library that can monitor files on the filesystem for changes; we use this in the FileFollow ingester.
  • timegrinder/ is a timestamp extraction library we use to extract timestamps from arbitrary data.
  • ipexist/ contains a library for efficiently storing sets of IPv4 addresses and checking for membership, designed for high-density sets.
  • winevent/ is a library which can interact with the Windows Event subsystem to extract XML rendered events.

training's People

Contributors

ashnwade, david-fritz-gravwell, dctootall, floren, john-floren-gravwell, kris-watts-gravwell, michael-wisely-gravwell, traetox

training's Issues

References to installing license file

Section 2.5 of master pdf

With the IP in hand, visit the Gravwell web page and upload your license.

License file upload no longer needed in training package, so the references to making sure you can upload the license file can be confusing.

Typo in training material

Discovered the following typo in the training material:

4.15.1 Hands On Lab: Network Activity Dashboard.

2nd search command example to be entered:
tag=netflow netflow IP Bytes | stats sum(Bytes) by IP | tab IP su

Final su should be sum for the search to execute properly.

Update Caching Section

Lab 7.8.1:
ls -lh /opt/gravwell/cache
did not show the increased size as indicated for me

I could use either:
ls -lh /opt/gravwell/cache/simple_relay.cache/e
or:
ls -lhR /opt/gravwell/cache (more generic)
I had to find the correct subdirectory to see the expected change.

Did not return to 4.0M as indicated. Went to 0 after unpause
before:
image

after:
image

Hands On Lab Improvement

Section 4.3.1

The first hands on lab walks through the ingest of logs, and then tells you to perform a few queries to filter the logs.

Issues:

  1. Filter instructions have generic instructions: ex Filter the auth logs to only include logs from the sshd daemon on the host PORTER
    • Section provides no detail on how to format the query or the expected output
  2. Lack of data provided on how the data is being ingested into the system
    • No detail on ingester configuration being applied, ie: Tags
    • No detail on type of data being imported or how it's formatted.

Suggestions:

  1. As this is the first hands-on exercise within the training document, it may make sense to provide the queries that are expected to be run, or the expected output. This may help with providing confidence to the audience that they are doing things correctly as they start implementing theory provided in previous sections into practical application of the knowledge
  2. Provide a snippet of the raw data, or high level outline of how the data is being entered into the system. (ie: Tags applied to the data, general outline of the log data format).
    • Provide a quick outline/image of how the log data imported is formatted. While Authlog/Syslog formatting is a defined and understood standard, it would be a mistake to assume that the training audience has the knowledge/experience with Linux System administration needed to know how to search the data on their own. (ex. Windows SysAdmins, Security engineers, Network engineers, Application support, etc )

Timezones

Timezones! It’s possible to ingest data into the future, making it less obvious to query. This is particularly odd to wrap your head around when you have indexers and ingesters in different timezones.

GUI Images

GUI/images/account-prefs.png
GUI/images/email-prefs.png
GUI/images/filter-hidden-applied.png
GUI/images/filter-hidden.png
GUI/images/filter-labels.png
GUI/images/filter-owner.png
GUI/images/filters-menu.png
GUI/images/filters-options.png
GUI/images/general-prefs.png
GUI/images/homepage.png
GUI/images/interface-prefs.png
GUI/images/menu-expanded.png
GUI/images/menu.png
GUI/images/notification-menu.png
GUI/images/notif-normal.png
GUI/images/notif-severe.png
GUI/images/playbook-edit.png
GUI/images/playbook-gallery.png
GUI/images/playbook-read.png
GUI/images/playbooks.png
GUI/images/playbook-upload2.png
GUI/images/playbook-upload.png
GUI/images/resource-labels.png
GUI/images/user-dropdown.png

can't build in non-linux ENVs

maybe roll a Docker file that will build it all for us?

here is a start:

FROM ubuntu:focal

# Install dependencies
RUN apt-get update && DEBIAN_FRONTEND='noninteractive' apt-get --yes install \
  texlive-* latexmk make golang locales curl apt-transport-https ca-certificates software-properties-common

# Docker config
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" && apt install -y docker-ce

# Locales config
RUN locale-gen en_US.UTF-8 && update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8

# Golang config (ENV persists across layers; an export inside RUN does not, and /bin/sh has no brace expansion)
ENV GOPATH=/root/go
ENV PATH=$PATH:$GOPATH/bin:/usr/local/go/bin
RUN mkdir -p $GOPATH/bin $GOPATH/src

Search image screenshots

Search/images/actionables-menu.png
Search/images/actionables-overview.png
Search/images/bg-existing-search.png
Search/images/bg-new-search.png
Search/images/compound-breakdown.png
Search/images/compound-table1.png
Search/images/compound-table2.png
Search/images/dashboard-template.png
Search/images/data-fusion-pipeline.png
Search/images/default-group.png
Search/images/extractors-page.png
Search/images/keg-stddev.png
Search/images/keg-temps.png
Search/images/lab-csv-raw.png
Search/images/lab-john-bob.png
Search/images/lab-shared-search.png
Search/images/lab-test-ax.png
Search/images/lab-test-group.png
Search/images/mac-host-table.png
Search/images/new-dashboard.png
Search/images/new-extractor.png
Search/images/newgroup-foo.png
Search/images/persistent-searches.png
Search/images/pipeline.png
Search/images/save-search-menu.png
Search/images/save-search.png
Search/images/script-results.png
Search/images/script-upload.png
Search/images/share-search.png
Search/images/sliced-keg.png
Search/images/template-editor.png
Search/images/template-prompt.png
Search/images/text-json-prettyprint.png

DONE

PR https://github.com/gravwell/training/pull/28

Search/images/chart-line.png
Search/images/chart-pie.png
Search/images/extract-chaining.png
Search/images/extract-ev.png
Search/images/extract-ip.png
Search/images/fdg-classC.png
Search/images/fdg-context.png
Search/images/heatmap-basic.png
Search/images/heatmap-bytes.png
Search/images/hex-decode-url.png
Search/images/maxmind-pointmap.png
Search/images/maxmind-upload.png
Search/images/nontemporal-render.png
Search/images/pointmap2.png
Search/images/pointmap-ip.png
Search/images/resource-edit.png
Search/images/resource-new.png
Search/images/resource-page.png
Search/images/stackgraph-ssh.png
Search/images/stackgraph-traffic.png
Search/images/table-brute-force.png
Search/images/table-ssh-login.png
Search/images/table-tag-data.png
Search/images/temporal-render.png
Search/images/text-context-menu.png
Search/images/text-entries.png
Search/images/text-ev.png
Search/images/url-extract-json.png

Hands on labs -> Tasks assume trainee has pre-existing knowledge

Hands On Lab exercises assume the trainee has pre-existing knowledge in order to complete the item.

Entries below generally assume that successful completion requires usage of modules / syntax / process that has not been detailed previously within the training material, and while it may be a common usage across a variety of applications/products, we cannot assume all potential consumers of our training material have experience with common usage.

(Design training for the lowest common denominator to help ensure concepts are fully understood and application users have the tools they need to utilize the product)

Master entry with specific incident details added in comments.

user management screenshots update

  • UserMgmt/images/edituser.png
  • UserMgmt/images/empty-groups.png
  • UserMgmt/images/grouptile.png
  • UserMgmt/images/newgroup.png
  • UserMgmt/images/newuser.png
  • UserMgmt/images/userhistory.png
  • UserMgmt/images/users-admin.png
  • UserMgmt/images/usertile.png

Webserver: Load Balancer

In the web server section, came across this TODO:
%%%%%%%%%%
% TODO: Kris please update this for the Gravwell load balancer
%%%%%%%%%%

Discuss payload merging

Stack merge & nest merge. They can be confusing; talk about why you'd use them vs. just chaining things, explain the differences between the merge types.

Indexers screenshots

Indexers/images/coldstore.png
Indexers/images/docker-wells.png
Indexers/images/greece-accel.png
Indexers/images/hardware.png
Indexers/images/hotstore.png
Indexers/images/prebuffer.png
Indexers/images/replication-restore.png
Indexers/images/stats-accel.png
Indexers/images/tags.png
Indexers/images/wells.png

img screenshots

img/image106.png
img/image115.png
img/image18.png
img/image34.png
img/image60.png
img/image90.png
img/image95.png

CBAC

ABAC documentation in general.
Wait until ABAC is done in the GUI!

onboarding historical data

Special purpose ingesters – especially file follower. There are caveats when bulk ingesting large datasets, and ingesters like file follower should not be used for those applications. There may be other examples of “onboarding historical data” types of things.

"Other" bin in Charts

What does the “other” bin in charts, etc., mean? What data goes into that? How is it counted? How do we decide which sets to put into it?

search: stats, charting

The training doc doesn't actually teach you much about using the stats modules or about charting, but those are pretty important. I'd like to cover:

  • When to use count vs stats count (multiple operations at once)
  • Different types of charts
  • How charts condense and bucket

Moment.js Update

For JS Node in Flows:
Moment JavaScript library
Still popular, but this library is considered a legacy project in maintenance mode. Consider updating to use a different example for loading an external library.

https://momentjs.com/docs/#/-project-status/
We now generally consider Moment to be a legacy project in maintenance mode. It is not dead, but it is indeed done.

Minor Lab Corrections

  • The configuration file provided in the Lab-Replication directory already has this block included without editing.
  • The configuration file provided in the Lab-Acceleration directory already has all 3 wells added: json, json2, json3
  • Simple Relay Lab: use rm in cleanup instructions instead of kill
  • File Follower Lab: invalid docker command log
  • Windows Logs Lab: winlog.json**.gz**
  • Gravwell Anko Functions: email(from, to, subject, message) error - sends an email via SMTP. The from field is simply a
    string, while the to field should be a slice of strings containing email addresses. The subject and message fields
    are also strings which should contain the subject line and body of the email <-- Add words in bold for clarification
  • Scripting Lab: add credentials as shown in CLI Lab
  • CLI Lab: tag=json

Update Wells Section

The interface for Wells configuration and management has changed significantly

Automation images

Automation/images/create-soar.png
Automation/images/dhcp-data.png
Automation/images/email-prefs.png
Automation/images/email-testing.png
Automation/images/lab-create-script.png
Automation/images/lab-emailsettings.png
Automation/images/lookup-results.png
Automation/images/new-scheduled.png
Automation/images/run-last-search.png
Automation/images/searchagent-warn.png

Lab Usability - simplification

Identified room for improvement:

  • Most Hands on Labs involve the same repeatable manual steps of ensuring the environment is clean before spinning the lab back up and ingesting the data required for the application exercises.
  • Multiple long commands that must be manually entered each time create room for human error and can draw attention to the process of creating/managing docker containers instead of working within the Gravwell application.

Suggestion:

  • create simple bash scripts within the training packet that can be run to automate the docker kill/ rm / create / run steps.
  • Script complexity can run from a simple "Run DockerClean.sh" within a lab directory, to a more complex branching type master script that can automate setting up each exercise in a self contained manner ( ex: GravwellLabs --t basicSearch )

As training demand expands, the automation process could also be expanded to leverage functionality like AWS CloudFormation or AMIs to help create complete cloud-based training environments for customers, to remove some of the initial environment setup complexity.

architecture images

Architecture/images/archicons.png
Architecture/images/cloudarchive.png
Architecture/images/cluster.png
Architecture/images/dataingest.png
Architecture/images/distributed.png
Architecture/images/offlinereplication.png
Architecture/images/onlinereplication.png
Architecture/images/singlenode.png
Architecture/images/soar.png

Connect null values

What are the implications of using the “connect null values” option in the chart renderer?
Include examples.
Wait until vega changes are done!

Hands-on Lab: Configuring multiple webservers

When I attempted this lab during my onboard training, I received errors and had trouble completing this lab. I tried to investigate a little bit using the troubleshooting tips in the documentation and I thought it was a TLS certificate configuration issue.
Please review this lab and verify that it is working properly.

Truncated line in File Follower Lab

7.3.3 Hands On Lab: File Follower

Around the middle of the section there is a NOTE that appears to be truncated and therefore missing the information it was attempting to convey:

NOTE: If your host computer is set

Compound queries

We need to talk about compound queries. The data fusion section of the Search chapter should focus on using those instead of table -save or persistent maps.

Tokens, direct search, other API

Add a section about accessing the API directly. Start with the tokens API, since that's the best way to authenticate. Then talk about the direct search API and how it makes it easy to interface Gravwell with other systems like Power BI. Wrap up by showing how you can hit any of our API endpoints just as easily to e.g. poll last login times for users.

Network Activity Dashboard Lab improvement

Section 4.15.1 is a very straightforward lab, but has room for some improvements which will enhance the training benefit for the consumers.

  • After adding the 2 primary tiles to the Dashboard, the lab discusses adding an overview tile. There are, however, no instructions on how to configure or create the Overview tile within this lab.
  • There are numerous mentions of going into the Settings Tab to configure various options for the Dashboard. The Settings menu may require a brief overview or screenshot to help show where the options are located within the Settings Menu. (I'm assuming that GUI enhancements since the training was originally written have impacted the Settings, such as its moving from a tab to a separate menu.)

Update Figures

Figure 3.1 - Default welcome screen instead of search
Figure 3.9 -
`The “Search Group Visibility” option allows you to share the results of all searches with a given group; this can be a convenient way to collaborate. In the screenshot, the user has selected the group named “foo”; all members of that group will have access to the searches this user runs in the future.

The “Advanced Preferences” section can be ignored by most users. Selecting “Developer mode” enables manual editing of JSON preferences, while toggling “Experimental Features” will enable the Experimental Features section in the main menu.`
• The group foo is not selected in the referenced screenshot
• The Experimental Features toggle is not shown in the screenshot

kits images screenshots

Kits/images/available-kits.png
Kits/images/blank-kits.png
Kits/images/buildwizard1.png
Kits/images/buildwizard2.png
Kits/images/buildwizard3.png
Kits/images/buildwizard4.png
Kits/images/buildwizard5.png
Kits/images/explore.png
Kits/images/install-done.png
Kits/images/kit-menu.png
Kits/images/uninstall-confirm.png
Kits/images/uninstall-warn.png
Kits/images/upgradekit.png
Kits/images/wizard1.png
Kits/images/wizard2.png
Kits/images/wizard3.png
Kits/images/wizard4.png

Explicit Docker Cleanup or Keep Open Instructions

For each of the Hands-On Labs, add explicit cleanup or keep open instructions.

• Lab 4.4.1 – cleanup 
• Lab 4.7.2 – cleanup 
• Lab 4.9.1 – cleanup 
• Lab 5.1.1 – keep open since Lab 5.2.1 explicitly refers to the container from the previous lab
• Lab 5.2.1 – keep open since Lab 5.3.4 explicitly refers to instance used in previous labs
• Lab 5.3.4 – cleanup 
• Lab 5.4.2 – cleanup 
• Lab 5.5.3 – cleanup 
• Lab 5.7.1 – cleanup 
• Lab 6.1.2 – cleanup 
• Lab 6.2.1 – cleanup 
• Lab 7.7.2 – cleanup 
• Lab 7.12.1 – cleanup 
• Lab 9.4 – cleanup 

Add Secrets to training

What needs to be done?

Add secrets to training

Why is this task needed?

Secrets are new in 5.2.0

Update Screenshots

I have noticed that a large number of the screenshots, and some of the instructions on where to look for items, are based on an older version of the GUI.

It would likely be helpful to update the screenshots within the training to reflect the current look/feel of the application.

webserver screenshots

Webserver/images/groups-menu.png
Webserver/images/groups-new.png
Webserver/images/twoindexers.png

Error: Hands-on Lab: Packet Capture Ingester - ingester throws stacktrace when built on ubuntu.

What are the steps to reproduce this issue?

Follow the steps in the Hands-on Lab: Packet Capture Ingester

What happens?

  • Running the command provided in the training appears to create/start a pcap container, but it doesn't stay running as detached:
    docker run --rm --net gravnet --name pcap -d -e GRAVWELL_CLEARTEXT_TARGETS=gravwell:4023 gravwell:pcap /opt/gravwell/bin/gravwell_network_capture
    image
    image

  • Running this alternate command (-it instead of -d) gives an error:
    docker run --rm --net gravnet --name pcap -it -e GRAVWELL_CLEARTEXT_TARGETS=gravwell:4023 gravwell:pcap /opt/gravwell/bin/gravwell_network_capture

<14>1 2022-08-23T15:00:57.032416Z 1d781741f9c3 networklog - ingest/muxer.go:1394 [gw@1 indexer="tcp://gravwell:4023" ingester="networkLog" ingesteruuid="f9847335-af85-44cd-b502-96dc71468cb6"] initializing connection
fatal error: unexpected signal during runtime execution
[signal SIGSEGV: segmentation violation code=0x1 addr=0x63 pc=0x7fb639e95ef4]

runtime stack:
runtime.throw({0x8b4a6c?, 0x0?})
	runtime/panic.go:992 +0x71
runtime.sigpanic()
	runtime/signal_unix.go:802 +0x3a9

goroutine 25 [syscall]:
runtime.cgocall(0x710bfe, 0xc00004b598)
	runtime/cgocall.go:157 +0x5c fp=0xc00004b570 sp=0xc00004b538 pc=0x40529c
net._C2func_getaddrinfo(0xc0001ec190, 0x0, 0xc000161380, 0xc0000aa6f8)
	_cgo_gotypes.go:95 +0x56 fp=0xc00004b598 sp=0xc00004b570 pc=0x4ce4b6
net.cgoLookupIPCNAME.func1({0xc0001ec190, 0x0?, 0x407e38?}, 0xc0000a846e?, 0x4d273b?)
	net/cgo_unix.go:160 +0x9f fp=0xc00004b5f0 sp=0xc00004b598 pc=0x4cfd5f
net.cgoLookupIPCNAME({0x890889, 0x3}, {0xc0000a846e, 0x8})
	net/cgo_unix.go:160 +0x16d fp=0xc00004b738 sp=0xc00004b5f0 pc=0x4cf5cd
net.cgoIPLookup(0xbbcaf0?, {0x890889?, 0xc0001ec0a0?}, {0xc0000a846e?, 0x0?})
	net/cgo_unix.go:217 +0x3b fp=0xc00004b7a8 sp=0xc00004b738 pc=0x4cfe1b
net.cgoLookupIP.func1()
	net/cgo_unix.go:227 +0x36 fp=0xc00004b7e0 sp=0xc00004b7a8 pc=0x4d0256
runtime.goexit()
	runtime/asm_amd64.s:1571 +0x1 fp=0xc00004b7e8 sp=0xc00004b7e0 pc=0x466001
created by net.cgoLookupIP
	net/cgo_unix.go:227 +0x12a

goroutine 1 [select]:
github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).WaitForHotContext(0xc0000e38c0, {0x939d80, 0xc0000ae000}, 0x0)
	github.com/gravwell/gravwell/v3/ingest/muxer.go:723 +0x245
github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).WaitForHot(...)
	github.com/gravwell/gravwell/v3/ingest/muxer.go:697
main.main()
	github.com/gravwell/gravwell/v3/ingesters/networkLog/main.go:200 +0x118c

goroutine 19 [chan receive]:
github.com/gravwell/gravwell/v3/chancacher.(*ChanCacher).run(0xc0000a2bd0)
	github.com/gravwell/gravwell/v3/chancacher/chancacher.go:207 +0x50
created by github.com/gravwell/gravwell/v3/chancacher.NewChanCacher
	github.com/gravwell/gravwell/v3/chancacher/chancacher.go:198 +0xaad

goroutine 20 [chan receive]:
github.com/gravwell/gravwell/v3/chancacher.(*ChanCacher).run(0xc0000a2c60)
	github.com/gravwell/gravwell/v3/chancacher/chancacher.go:207 +0x50
created by github.com/gravwell/gravwell/v3/chancacher.NewChanCacher
	github.com/gravwell/gravwell/v3/chancacher/chancacher.go:198 +0xaad

goroutine 21 [select]:
net.(*Resolver).lookupIPAddr(0xbbcae0, {0x939db8?, 0xc0000aca80}, {0x890889, 0x3}, {0xc0000a846e, 0x8})
	net/lookup.go:325 +0x51b
net.(*Resolver).internetAddrList(0x939db8?, {0x939db8?, 0xc0000aca80?}, {0x890889, 0x3}, {0xc0000a846e?, 0xd?})
	net/ipsock.go:288 +0x67a
net.(*Resolver).resolveAddrList(0x1129088?, {0x939db8, 0xc0000aca80}, {0x890dc1, 0x4}, {0x890889?, 0x79df39d6689b2f00?}, {0xc0000a846e, 0xd}, {0x0, ...})
	net/dial.go:221 +0x41b
net.(*Dialer).DialContext(0xc00012bac0, {0x939d80, 0xc0000ae000}, {0x890889, 0x3}, {0xc0000a846e, 0xd})
	net/dial.go:406 +0x448
net.(*Dialer).Dial(...)
	net/dial.go:351
net.DialTimeout({0x890889?, 0xc00012bb68?}, {0xc0000a846e?, 0xc0000afaf6?}, 0x4?)
	net/dial.go:334 +0x85
github.com/gravwell/gravwell/v3/ingest.newTcpConn({0xc0000a846e?, 0x13?})
	github.com/gravwell/gravwell/v3/ingest/simple.go:262 +0x39
github.com/gravwell/gravwell/v3/ingest.newTCPConnection({0xc0000a846e, 0xd}, {0x0, 0x0}, {0x64, 0xfa, 0xbc, 0x31, 0xa3, 0x21, ...}, ...)
	github.com/gravwell/gravwell/v3/ingest/simple.go:252 +0x105
github.com/gravwell/gravwell/v3/ingest.initConnection({{0xc0000a8468, 0x13}, {0x0, 0x0}, {0xc00002a077, 0xd}}, {0xc0001e2570, 0x1, 0x1}, {0x0, ...}, ...)
	github.com/gravwell/gravwell/v3/ingest/simple.go:108 +0x10c
github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).getConnection(0xc0000e38c0, {{0xc0000a8468, 0x13}, {0x0, 0x0}, {0xc00002a077, 0xd}})
	github.com/gravwell/gravwell/v3/ingest/muxer.go:1396 +0x3c5
github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).connRoutine(0xc0000e38c0, 0x0)
	github.com/gravwell/gravwell/v3/ingest/muxer.go:1289 +0x725
created by github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).Start
	github.com/gravwell/gravwell/v3/ingest/muxer.go:457 +0x1be

goroutine 22 [sleep]:
time.Sleep(0x12a05f200)
	runtime/time.go:194 +0x12e
github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).stateReportRoutine(0xc0000e38c0)
	github.com/gravwell/gravwell/v3/ingest/muxer.go:525 +0x4b
created by github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).Start
	github.com/gravwell/gravwell/v3/ingest/muxer.go:462 +0x296

goroutine 23 [chan receive]:
github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).getNewConnSet(0xc0000e38c0, 0x1f4?, 0x0?, 0x1)
	github.com/gravwell/gravwell/v3/ingest/muxer.go:1022 +0xe9
github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).writeRelayRoutine(0xc0000e38c0, 0xc0000ac9c0, 0xc0001ae150)
	github.com/gravwell/gravwell/v3/ingest/muxer.go:1067 +0x178
created by github.com/gravwell/gravwell/v3/ingest.(*IngestMuxer).connRoutine
	github.com/gravwell/gravwell/v3/ingest/muxer.go:1253 +0x210

goroutine 24 [select]:
net.cgoLookupIP({0x939d48, 0xc0001e07c0}, {0x890889, 0x3}, {0xc0000a846e, 0x8})
	net/cgo_unix.go:228 +0x1aa
net.(*Resolver).lookupIP(0xbbcae0, {0x939d48, 0xc0001e07c0}, {0x890889, 0x3}, {0xc0000a846e, 0x8})
	net/lookup_unix.go:96 +0x128
net.glob..func1({0x939d48?, 0xc0001e07c0?}, 0x0?, {0x890889?, 0xc0000ac9c0?}, {0xc0000a846e?, 0x0?})
	net/hook.go:23 +0x3d
net.(*Resolver).lookupIPAddr.func1()
	net/lookup.go:319 +0x9f
internal/singleflight.(*Group).doCall(0xbbcaf0, 0xc000186a50, {0xc0001ec0a0, 0xc}, 0x0?)
	internal/singleflight/singleflight.go:95 +0x3b
created by internal/singleflight.(*Group).DoChan
	internal/singleflight/singleflight.go:88 +0x2ec

What were you expecting to happen?

The pcap ingester would remain running and the lab could be completed as described

Any logs, error output, etc?

See above.

Any other comments?

Kris indicated that he did not have this problem, so it may be specific to my environment.

I do not see any build errors when I build the training with the make command.
When I load the pcap docker image from the 5.0.1 tarball provided for training when I started, it works fine.
image
When I run the pcap docker image from my build, it fails as shown above.

Version Info

OS: Ubuntu 22.04.1 LTS
Kernel: 5.15.0-46-generic
Go: go version go1.18.1 linux/amd64

Training: build failures

What are the steps to reproduce this issue?

Attempted to build training with license
I have not worked on any gravwell code before, only documentation, so I do not have other repos checked out. I do have golang installed though. Not sure if that is relevant.

What happens?

I get an error building permissions dockerfile
I get the same error building brokenperms

Creating slim container
building test
building base
building indexer
building webserver
building ingesters
building nflowgen
go: downloading golang.org/x/sys v0.0.0-20220731174439-a90be440212d
go: upgraded golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 => v0.0.0-20220731174439-a90be440212d
building offlinereplication
building datastore
building permissions
Failed to build permissions
make: *** [Makefile:47: docker] Error 255
building brokenperms
Failed to build brokenperms
make: *** [Makefile:47: docker] Error 255

What were you expecting to happen?

training build would complete without errors

Any logs, error output, etc?

see output above

What versions of software are you using?

v5.0.5 training
