GithubHelp home page GithubHelp logo

411-docker's People

Contributors

kiwiz avatar

Stargazers

avatar avatar

Watchers

avatar avatar

Forkers

caiofralmeida geraldoandradee gamer22026

411-docker's Issues

Where to set Elasticsearch IP address and I get below error

I'm unable to execute docker-compose up and I don't know how to query the logs from elasticsearch . Please assist me. I get below error message on the 411 console.

Error: Uncaught TypeError: Cannot use 'in' operator to search for 'success' in <br /> <b>Fatal error</b>: Uncaught Elasticsearch\Common\Exceptions\NoNodesAvailableException: No alive nodes found in your cluster in /var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/ConnectionPool/StaticNoPingConnectionPool.php:51 Stack trace: #0 /var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Transport.php(71): Elasticsearch\ConnectionPool\StaticNoPingConnectionPool-&gt;nextConnection() #1 /var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Transport.php(89): Elasticsearch\Transport-&gt;getConnection() #2 /var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Connections/Connection.php(229): Elasticsearch\Transport-&gt;performRequest('HEAD', '/_template/411_...', Array, NULL, Array) #3 /var/www/411/vendor/react/promise/src/FulfilledPromise.php(25): Elasticsearch\Connections\Connection-&gt;Elasticsearch\Connections\{closure}(Array) #4 /var/www/411/vendor/guzzlehttp/ringphp/src/Future/CompletedFutureValue.php(55): React\Promise\FulfilledPromise-&gt;then(Object(Closure), NULL, NULL) #5 /var/ in <b>/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/ConnectionPool/StaticNoPingConnectionPool.php</b> on line <b>51</b><br />
image

Getting Errors during setup

Hi there,

I'm using 411 on top of an OSSEC-ELK stack and I keep getting these errors:

"Error getting active count data"
"Error executing query"
Do you know what could be causing these issues?

Cron issues

The installed crontab does not appear to work. Install rsyslog shows incorrect permissions on 411_cron.
Correcting with chmod 600 /etc/cron.d/411_cron allows the job to run, but although the job runs, when output to a log file, the job still does not run via cron. Works fine manually.
The web interface continues to show the message 'processor has not run for 20 minutes'.

Error while building 411 image

Hi! I am having trouble building the 411 image provided in the repository.
I saw the Dockerfile and it seems to be OK, it follows pretty much what's on the PHP Docker Hub and I have several docker images using the same approach that worked in the same way, but apt-get is unable to update the container repositories:

➜  411-docker git:(master) docker-compose up -d
Building fouroneone
Step 1/27 : FROM php:7-apache
 ---> 4e0055e77cda
Step 2/27 : RUN apt-get update &&     apt-get -y install     unzip     git     libxml2-dev     libcurl4-openssl-dev     sqlite3     libsqlite3-dev     cron     supervisor
 ---> Running in dc6ee92ef802
Err http://deb.debian.org jessie InRelease
  
Err http://security.debian.org jessie/updates InRelease
  
Err http://security.debian.org jessie/updates Release.gpg
  Temporary failure resolving 'security.debian.org'
Err http://deb.debian.org jessie-updates InRelease
  
Err http://deb.debian.org jessie Release.gpg
  Temporary failure resolving 'deb.debian.org'
Err http://deb.debian.org jessie-updates Release.gpg
  Temporary failure resolving 'deb.debian.org'
Reading package lists...
W: Failed to fetch http://deb.debian.org/debian/dists/jessie/InRelease  

W: Failed to fetch http://deb.debian.org/debian/dists/jessie-updates/InRelease  

W: Failed to fetch http://security.debian.org/dists/jessie/updates/InRelease  

W: Failed to fetch http://deb.debian.org/debian/dists/jessie/Release.gpg  Temporary failure resolving 'deb.debian.org'

W: Failed to fetch http://security.debian.org/dists/jessie/updates/Release.gpg  Temporary failure resolving 'security.debian.org'

W: Failed to fetch http://deb.debian.org/debian/dists/jessie-updates/Release.gpg  Temporary failure resolving 'deb.debian.org'

W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package unzip
E: Unable to locate package git
E: Unable to locate package libxml2-dev
E: Unable to locate package libcurl4-openssl-dev
E: Unable to locate package sqlite3
E: Unable to locate package libsqlite3-dev
E: Unable to locate package cron
E: Unable to locate package supervisor
ERROR: Service 'fouroneone' failed to build: The command '/bin/sh -c apt-get update &&     apt-get -y install     unzip     git     libxml2-dev     libcurl4-openssl-dev     sqlite3     libsqlite3-dev     cron     supervisor' returned a non-zero code: 100

asciinema: https://asciinema.org/a/khJtuHHBalL8jnMZXlJi7nUuX

➜  411-docker git:(master) curl http://deb.debian.org/debian/dists/jessie-updates/Release.gpg
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://cdn-fastly.deb.debian.org/debian/dists/jessie-updates/Release.gpg">here</a>.</p>
<hr>
<address>Apache Server at deb.debian.org Port 80</address>
</body></html>

It seems that the debian repository was moved
After searching a bit I found that on https://deb.debian.org/:

If you hit the server behind deb.debian.org directly, either because you use an older apt or because you use a HTTP proxy that does not support SRV records, your requests will get HTTP redirected to one of the CDN instances. If you want to avoid the redirects, you can pick one instance directly. For instance, this also works in your sources.list:
deb http://cdn-fastly.deb.debian.org/debian stable main
deb http://cdn-fastly.deb.debian.org/debian-security stable/updates main

Did you have anything like this?

Elasticsearch SSL connection es-5.x

When using a Searchguard protected Elasticsearch instance, configured with SSL and basic auth getting an error message 'No alive nodes found'. Using TCPdump it can be seen that 411 is connecting ok to port 9200.

[php7:notice] [pid 11] [client 192.168.0.21:59875] except [NONE] Elasticsearch\\Common\\Exceptions\\NoNodesAvailableException: "No alive nodes found in your cluster" at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/ConnectionPool/StaticNoPingConnectionPool.php:51] 0:[Elasticsearch\\ConnectionPool\\StaticNoPingConnectionPool->nextConnection() called at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Transport.php:72]] 1:[Elasticsearch\\Transport->getConnection() called at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Transport.php:90]] 2:[Elasticsearch\\Transport->performRequest() called at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Connections/Connection.php:240]] 3:[Elasticsearch\\Connections\\Connection->Elasticsearch\\Connections\\{closure}() called at [/var/www/411/vendor/react/promise/src/FulfilledPromise.php:25]] 4:[React\\Promise\\FulfilledPromise->then() called at [/var/www/411/vendor/guzzlehttp/ringphp/src/Future/CompletedFutureValue.php:55]] 5:[GuzzleHttp\\Ring\\Future\\CompletedFutureValue->then() called at [/var/www/411/vendor/guzzlehttp/ringphp/src/Core.php:341]] 6:[GuzzleHttp\\Ring\\Core::proxy() called at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Connections/Connection.php:294]] 7:[Elasticsearch\\Connections\\Connection->Elasticsearch\\Connections\\{closure}() called at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Connections/Connection.php:171]] 8:[Elasticsearch\\Connections\\Connection->performRequest() called at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Transport.php:106]] 9:[Elasticsearch\\Transport->performRequest() called at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Namespaces/BooleanRequestWrapper.php:38]] 10:[Elasticsearch\\Namespaces\\BooleanRequestWrapper::performRequest() called at [/var/www/411/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Namespaces/IndicesNamespace.php:689]] 11:[Elasticsearch\\Namespaces\\IndicesNamespace->existsTemplate() called at [/var/www/411/phplib/ESClient.php:71]] 12:[FOO\\ESClient->initializeIndex() called at [/var/www/411/phplib/ESClient.php:33]] 13:[FOO\\ESClient->__construct() called at [/var/www/411/phplib/REST/Dashboard.php:17]] 14:[FOO\\Dashboard_REST->GET() called at [/var/www/411/phplib/REST.php:107]] 15:[FOO\\REST->route() called at [/var/www/411/htdocs/api/dashboard.php:6]], referer: http://192.168.0.200:8080/

To reproduce, use the following docker-compose file:

version: '2'
services:
  fouroneone:
    build: .
    volumes:
      - es-config:/elasticsearch/config:ro
    ports:
     - "8080:80"
  es:
    image: khezen/elasticsearch:5
    environment:
      xpack.security.enabled: 'false'
      ELASTIC_PWD: changeme
    volumes:
       - es-config:/usr/share/elasticsearch/config
    ports:
     - "9200:9200"
volumes:
  es-config:

Modify the config.php file:

# Configuration for the 411 Alerts index.
    'alerts' => [
        'hosts' => ['https://elastic:changeme@es:9200'],
        'index_hosts' => [],
        'ssl_cert' => '/elasticsearch/config/searchguard/ssl/elastic.all.pem',
        'index' => null,
        'date_based' => false,
        'date_interval' => null,
        'date_field' => 'alert_date',
        'date_type' => null,
        'src_url' => null,
    ],
    # Configuration for the logstash index that 411 queries.
    'logstash' => [
        'hosts' => ['https://elastic:changeme@es:9200'],
        'index_hosts' => [],
        'ssl_cert' => '/elasticsearch/config/searchguard/ssl/elastic.all.pem',
        'index' => '[logstash-]Y.m.d',
        'date_based' => true,
        'date_interval' => 'd',
        'date_field' => '@timestamp',
        'date_type' => null,
        'src_url' => null,
    ],
];

Works ok when using the 2.x branch with khezen/elasticsearch:2.4

No longer builds

The change in Branches at 411 has caused this container to stop building; just FYI

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.