pe3zx / mthc Goto Github PK

All-in-one bundle of MISP, TheHive and Cortex

License: MIT License

misp thehive-project cortex threat-intelligence threat-hunting incident-response incident-management ioc-framework dfir thehive

mthc's People

Contributors

Stargazers

Watchers

mthc's Issues

ModuleNotFoundError: No module named 'skbuild'

Currently running into this error and not sure why. Requirements.txt have been installed etc. Running on Opensuse Tumbleweed

Collecting oauth2==1.9.0.post1 (from -r REQUIREMENTS (line 53))
Downloading https://files.pythonhosted.org/packages/a0/6f/86db603912ecd04109af952c38bc08928886cf0e34c723481fa7db98b4b5/oauth2-1.9.0.post1-py2.py3-none-any.whl
Collecting opencv-python==4.4.0.44 (from -r REQUIREMENTS (line 54))
Downloading https://files.pythonhosted.org/packages/38/a9/cd39fd25df434b5d9451dc266c12b72f68282a2b9bd5d7b4aa2d57d6c20e/opencv-python-4.4.0.44.tar.gz (88.9MB)
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "", line 1, in
File "/tmp/pip-build-1m_bh6g1/opencv-python/setup.py", line 9, in
import skbuild
ModuleNotFoundError: No module named 'skbuild'

----------------------------------------

Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-1m_bh6g1/opencv-python/
ERROR: Service 'misp-web' failed to build: The command '/bin/sh -c cd misp-modules && pip3 install -I -r REQUIREMENTS && pip3 install -I . && echo "sudo -u www-data misp-modules -s -l 127.0.0.1 &" >>/etc/rc.local' returned a non-zero code: 1

Service 'misp-web' failed to build

I got an error while building the docker when it's installing the dependencies for misp-web.
The module trustar uses setuptools and more specificaly use_2to3 which has been discontinued since v58.0.0 of setuptools.
A solution I found is to modify the dockerfile for misp-web and downgrade setuptools to v57.5.0 and install trustar before upgrading setup tools again.

ModuleNotFoundError: No module named 'importlib.util'

During docker-compose up -d:

Collecting importlib==1.0.4
Downloading importlib-1.0.4.zip (7.1 kB)
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-qy0u37e9/importlib_c166265216f74de7b3fade999d0b8c1f/setup.py'"'"'; file='"'"'/tmp/pip-install-qy0u37e9/importlib_c166265216f74de7b3fade999d0b8c1f/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-z_sy139j
cwd: /tmp/pip-install-qy0u37e9/importlib_c166265216f74de7b3fade999d0b8c1f/
Complete output (11 lines):
Traceback (most recent call last):
File "", line 1, in
File "/usr/local/lib/python3.6/dist-packages/setuptools/init.py", line 10, in
import distutils.core
File "/usr/lib/python3.6/distutils/core.py", line 16, in
from distutils.dist import Distribution
File "/usr/lib/python3.6/distutils/dist.py", line 19, in
from distutils.util import check_environ, strtobool, rfc822_escape
File "/usr/lib/python3.6/distutils/util.py", line 9, in
import importlib.util
ModuleNotFoundError: No module named 'importlib.util'
----------------------------------------
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
ERROR: Service 'misp-web' failed to build: The command '/bin/sh -c cd misp-modules && pip3 install -I -r REQUIREMENTS && pip3 install -I . && echo "sudo -u www-data misp-modules -s -l 127.0.0.1 &" >>/etc/rc.local' returned a non-zero code: 1

ElasticSearch fails to start

Attaching to mthc_nginx-proxy_1, mthc_elasticsearch_1, mthc_misp-db_1, mthc_misp-web_1, mthc_cortex_1, mthc_thehive_1
nginx-proxy_1 | Custom dhparam.pem file found, generation skipped
nginx-proxy_1 | forego | starting dockergen.1 on port 5000
elasticsearch_1 | [2019-08-07T21:05:56,116][INFO ][o.e.n.Node ] [] initializing ...
elasticsearch_1 | [2019-08-07T21:05:56,135][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]
elasticsearch_1 | org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: Failed to create node environment
elasticsearch_1 | at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:123) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:67) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:134) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:91) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:84) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | Caused by: java.lang.IllegalStateException: Failed to create node environment
elasticsearch_1 | at org.elasticsearch.node.Node.(Node.java:268) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.node.Node.(Node.java:245) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Bootstrap$5.(Bootstrap.java:233) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:233) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:342) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:132) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | ... 6 more
elasticsearch_1 | Caused by: java.nio.file.AccessDeniedException: /usr/share/elasticsearch/data/nodes
elasticsearch_1 | at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84) ~[?:?]
elasticsearch_1 | at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102) ~[?:?]
elasticsearch_1 | at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107) ~[?:?]
elasticsearch_1 | at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384) ~[?:?]
elasticsearch_1 | at java.nio.file.Files.createDirectory(Files.java:674) ~[?:1.8.0_141]
elasticsearch_1 | at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781) ~[?:1.8.0_141]
elasticsearch_1 | at java.nio.file.Files.createDirectories(Files.java:767) ~[?:1.8.0_141]
elasticsearch_1 | at org.elasticsearch.env.NodeEnvironment.(NodeEnvironment.java:221) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.node.Node.(Node.java:265) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.node.Node.(Node.java:245) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Bootstrap$5.(Bootstrap.java:233) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:233) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:342) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:132) ~[elasticsearch-5.6.0.jar:5.6.0]
elasticsearch_1 | ... 6 more
nginx-proxy_1 | forego | starting nginx.1 on port 5100.....

Error Build misp-web Could not connect to archive.ubuntu.com:80

I use an internal proxy to be able to access the internet when trying to Building Misp-web an error occurs as follows: please help how do I set up my internal proxy so that it can run

Building misp-web Step 1/54 : FROM ubuntu:bionic ---> ccc6e87d482b Step 2/54 : ENV DEBIAN_FRONTEND noninteractive ---> Using cache ---> 115c53eeec1f Step 3/54 : RUN apt-get update && apt-get dist-upgrade -y && apt-get autoremove -y && apt-get clean && apt-get install -y software-properties-common && apt-get install -y postfix && apt-get install -y mysql-client curl gcc git gnupg-agent make python openssl redis-server sudo vim zip locales ---> Running in 43bfe03156d3 Err:1 http://archive.ubuntu.com/ubuntu bionic InRelease Could not connect to archive.ubuntu.com:80 (91.189.88.24), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.149), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.174), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.31), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.162), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.173), connection timed out Err:2 http://archive.ubuntu.com/ubuntu bionic-updates InRelease Unable to connect to archive.ubuntu.com:http: Err:3 http://archive.ubuntu.com/ubuntu bionic-backports InRelease Unable to connect to archive.ubuntu.com:http: Err:4 http://security.ubuntu.com/ubuntu bionic-security InRelease Could not connect to security.ubuntu.com:80 (91.189.91.26), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.174), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.162), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.149), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.23), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.173), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.24), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.31), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.14), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.24), connection timed out Reading package lists... W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic/InRelease Could not connect to archive.ubuntu.com:80 (91.189.88.24), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.149), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.174), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.31), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.162), connection timed out Could not connect to archive.ubuntu.com:80 (91.189.88.173), connection timed out W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic-updates/InRelease Unable to connect to archive.ubuntu.com:http: W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic-backports/InRelease Unable to connect to archive.ubuntu.com:http: W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/bionic-security/InRelease Could not connect to security.ubuntu.com:80 (91.189.91.26), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.174), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.162), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.149), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.23), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.173), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.24), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.31), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.14), connection timed out Could not connect to security.ubuntu.com:80 (91.189.88.24), connection timed out W: Some index files failed to download. They have been ignored, or old ones used instead. Reading package lists... Building dependency tree... Reading state information... Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Reading package lists... Building dependency tree... Reading state information... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Reading package lists... Building dependency tree... Reading state information... E: Unable to locate package software-properties-common ERROR: Service 'misp-web' failed to build: The command '/bin/sh -c apt-get update && apt-get dist-upgrade -y && apt-get autoremove -y && apt-get clean && apt-get install -y software-properties-common && apt-get install -y postfix && apt-get install -y mysql-client curl gcc git gnupg-agent make python openssl redis-server sudo vim zip locales' returned a non-zero code: 100

Cortex requirements

I'm looking for a clarification.
I initially ran the below on my host, as it didn't refer to running it inside a docker.
How should this actually be run?
before/after the docker-compose up?
which docker / host?

for I in $(find Cortex-Analyzers -name 'requirements.txt'); do pip2 install -r $I; done &&
for I in $(find Cortex-Analyzers -name 'requirements.txt'); do pip3 install -r $I || true; done

Hadd to add python-dateutil in misp-web dockerfile

Hello,
just to keep you up to date, I had to add another apt package to be installed.

The iroginal error:
error: The 'python-dateutil' distribution was not found and is required by cybox
ERROR: Service 'misp-web' failed to build: The command '/bin/sh -c python setup.py install' returned a non-zero code: 1

I've added python-dateutil into the Dockerfile at ** ./mthc/apps/misp-docker/web**

RUN apt-get install -y python-dateutil python-dev python-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools libfuzzy-dev
RUN apt-get install -y cron logrotate supervisor syslog-ng-core
RUN apt-get clean

After making this change, the "build" installation went through smoothly. :-)

Thanks a lot for all the great work you did.

Cheers
Marcus

Question regarding Analyzer dependencies installation

Hi,

Firstly, thanks for your work putting this together. Greatly appreciated.

Secondly, how did you install the dependencies. I exec into the docker container but get the error of sudo not recognized. How did you get around this?

Thanks again.

error python - deploy

I am having trouble deploying the docker-compose.yml
Do you know if there are conflicts with python versions?

Regards.-

Can't deploy on Portainer

Hi,
I liked your idea here, and I'm trying to deploy it on Portainer 2.0.1, but failing.
Errors about the network configuration and about other services:

The network mithc1_mthc cannot be used with services. Only networks scoped to the swarm can be used, such as those created with the overlay driver.

I'm lost, and I hope if can guide me.
I have installed MISP using https://github.com/harvard-itsecurity/docker-misp, but for I'm not experienced with Dockers much, I could not combine the other solutions (Cortex, TheHive) easily.

Regards,
Khalid.

ERROR: Service 'misp-web' failed to build

Step 52/144 : RUN php composer-setup.php
---> Running in dc96c2a77f56
Could not open input file: composer-setup.php
ERROR: Service 'misp-web' failed to build: The command '/bin/sh -c php composer-setup.php' returned a non-zero code: 1

Docker compose fails with apt errors

Looking into this, I think it's because apt-update is on its own line in a Dockerfile.
The image gets cached and doesn't update when it's supposed to run.

https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run

Here's what it looks like when I run docker-compose

Step 15/144 : RUN apt-get install -y php-pear pkg-config libbson-1.0 libmongoc-1.0-0 php-xml php-dev php-gd
 ---> Running in 6bd2fac85299
Reading package lists...
Building dependency tree...
Reading state information...
php-pear is already the newest version (1:1.10.8+submodules+notgz-1+ubuntu16.04.1+deb.sury.org+1).
php-pear set to manually installed.
The following additional packages will be installed:
  fontconfig-config fonts-dejavu-core libfontconfig1 libfreetype6 libgd3
  libjbig0 libjpeg-turbo8 libjpeg8 libpcre2-16-0 libpcre2-32-0 libpcre2-dev
  libpcre2-posix0 libpng12-0 libtiff5 libwebp6 libxpm4 libyajl2 php7.3-dev
  php7.3-gd php7.3-xml
Suggested packages:
  libgd-tools dh-php
The following NEW packages will be installed:
  fontconfig-config fonts-dejavu-core libbson-1.0-0 libfontconfig1
  libfreetype6 libgd3 libjbig0 libjpeg-turbo8 libjpeg8 libmongoc-1.0-0
  libpcre2-16-0 libpcre2-32-0 libpcre2-dev libpcre2-posix0 libpng12-0 libtiff5
  libwebp6 libxpm4 libyajl2 php-dev php-gd php-xml php7.3-dev php7.3-gd
  php7.3-xml pkg-config
0 upgraded, 26 newly installed, 0 to remove and 2 not upgraded.
Need to get 4,236 kB of archives.
After this operation, 17.9 MB of additional disk space will be used.
Err:1 http://security.ubuntu.com/ubuntu xenial-security/main amd64 libjpeg-turbo8 amd64 1.4.2-0ubuntu3.1
  404  Not Found [IP: 91.189.88.24 80]
Get:2 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 libyajl2 amd64 2.1.0-2+deb.sury.org~xenial+1 [19.5 kB]
Get:3 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 libpng12-0 amd64 1.2.54-1ubuntu1.1 [116 kB]
Get:4 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 libjbig0 amd64 2.1-3.1+deb.sury.org~xenial+1 [26.4 kB]
Get:5 http://archive.ubuntu.com/ubuntu xenial/main amd64 fonts-dejavu-core all 2.35-1 [1,039 kB]
Err:1 http://security.ubuntu.com/ubuntu xenial-security/main amd64 libjpeg-turbo8 amd64 1.4.2-0ubuntu3.1
  404  Not Found [IP: 91.189.88.24 80]
Get:6 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 libwebp6 amd64 0.6.0-4+ubuntu16.04.1+deb.sury.org+1 [184 kB]
Get:7 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 fontconfig-config all 2.11.94-0ubuntu1.1 [49.9 kB]
Get:8 http://archive.ubuntu.com/ubuntu xenial/universe amd64 libbson-1.0-0 amd64 1.3.1-1 [54.9 kB]
Err:9 http://security.ubuntu.com/ubuntu xenial-security/main amd64 libfreetype6 amd64 2.6.1-0.1ubuntu2.3
  404  Not Found [IP: 91.189.88.24 80]
Get:10 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 libfontconfig1 amd64 2.11.94-0ubuntu1.1 [131 kB]
Get:11 http://archive.ubuntu.com/ubuntu xenial/main amd64 libjpeg8 amd64 8c-2ubuntu8 [2,194 B]
Ign:12 http://security.ubuntu.com/ubuntu xenial-security/main amd64 libtiff5 amd64 4.0.6-1ubuntu0.6
Get:13 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 libxpm4 amd64 1:3.5.11-1ubuntu0.16.04.1 [33.8 kB]
Get:14 http://archive.ubuntu.com/ubuntu xenial/universe amd64 libmongoc-1.0-0 amd64 1.3.1-1 [113 kB]
Get:15 http://archive.ubuntu.com/ubuntu xenial/main amd64 pkg-config amd64 0.29.1-0ubuntu1 [45.0 kB]
Err:9 http://security.ubuntu.com/ubuntu xenial-security/main amd64 libfreetype6 amd64 2.6.1-0.1ubuntu2.3
  404  Not Found [IP: 91.189.88.24 80]
Err:12 http://security.ubuntu.com/ubuntu xenial-security/main amd64 libtiff5 amd64 4.0.6-1ubuntu0.6
  404  Not Found [IP: 91.189.88.24 80]
Get:16 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 libgd3 amd64 2.2.5-5.2+ubuntu16.04.1+deb.sury.org+1 [134 kB]
Err:17 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 libpcre2-16-0 amd64 10.33-1+ubuntu16.04.1+deb.sury.org+1
  404  Not Found
Err:18 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 libpcre2-32-0 amd64 10.33-1+ubuntu16.04.1+deb.sury.org+1
  404  Not Found
Get:19 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 libpcre2-posix0 amd64 10.33-1+ubuntu16.04.1+deb.sury.org+1 [7,340 B]
Err:20 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 libpcre2-dev amd64 10.33-1+ubuntu16.04.1+deb.sury.org+1
  404  Not Found
Err:21 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 php7.3-dev amd64 7.3.9-1+ubuntu16.04.1+deb.sury.org+1
  404  Not Found
Err:22 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 php-dev all 2:7.3+69+ubuntu16.04.1+deb.sury.org+2+php7.3
  404  Not Found
Err:23 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 php7.3-gd amd64 7.3.9-1+ubuntu16.04.1+deb.sury.org+1
  404  Not Found
Err:24 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 php-gd all 2:7.3+69+ubuntu16.04.1+deb.sury.org+2+php7.3
  404  Not Found
Err:25 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 php7.3-xml amd64 7.3.9-1+ubuntu16.04.1+deb.sury.org+1
  404  Not Found
Err:26 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 php-xml all 2:7.3+69+ubuntu16.04.1+deb.sury.org+2+php7.3
  404  Not Found
Fetched 1,955 kB in 1s (1,164 kB/s)
E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/libj/libjpeg-turbo/libjpeg-turbo8_1.4.2-0ubuntu3.1_amd64.deb  404  Not Found [IP: 91.189.88.24 80]

E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.6.1-0.1ubuntu2.3_amd64.deb  404  Not Found [IP: 91.189.88.24 80]

E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff5_4.0.6-1ubuntu0.6_amd64.deb  404  Not Found [IP: 91.189.88.24 80]

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/pcre2/libpcre2-16-0_10.33-1+ubuntu16.04.1+deb.sury.org+1_amd64.deb  404  Not Found

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/pcre2/libpcre2-32-0_10.33-1+ubuntu16.04.1+deb.sury.org+1_amd64.deb  404  Not Found

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/pcre2/libpcre2-dev_10.33-1+ubuntu16.04.1+deb.sury.org+1_amd64.deb  404  Not Found

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/php7.3/php7.3-dev_7.3.9-1+ubuntu16.04.1+deb.sury.org+1_amd64.deb  404  Not Found

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/php-defaults/php-dev_7.3+69+ubuntu16.04.1+deb.sury.org+2+php7.3_all.deb  404  Not Found

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/php7.3/php7.3-gd_7.3.9-1+ubuntu16.04.1+deb.sury.org+1_amd64.deb  404  Not Found

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/php-defaults/php-gd_7.3+69+ubuntu16.04.1+deb.sury.org+2+php7.3_all.deb  404  Not Found

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/php7.3/php7.3-xml_7.3.9-1+ubuntu16.04.1+deb.sury.org+1_amd64.deb  404  Not Found

E: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/pool/main/p/php-defaults/php-xml_7.3+69+ubuntu16.04.1+deb.sury.org+2+php7.3_all.deb  404  Not Found

E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
ERROR: Service 'misp-web' failed to build: The command '/bin/sh -c apt-get install -y php-pear pkg-config libbson-1.0 libmongoc-1.0-0 php-xml php-dev php-gd' returned a non-zero code: 100

Multiple errors with build (e.g. MYSQL+MISP Access denied)

I am currently trying to deploy mthc using the following configuration:

---
version: "2"
services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./certs/:/etc/nginx/certs/
      - /var/run/docker.sock:/tmp/docker.sock:ro
    networks:
      - mthc

  misp-db:
    image: mysql/mysql-server:5.7
    restart: unless-stopped
    volumes:
      - ./data/misp/db:/var/lib/mysql
    environment:
      - MYSQL_DATABASE=misp
      - MYSQL_USER=misp
      - MYSQL_PASSWORD=4u9thouFETUON
      - MYSQL_ROOT_PASSWORD=4u9rrfbn4FETUON
    networks:
      - mthc

  misp-web:
    build: apps/misp-docker/web
    image: misp:latest
    restart: unless-stopped
    volumes:
      - /dev/urandom/:/dev/random
      - ./data/misp/web:/var/www/MISP
    environment:
      - MYSQL_HOST=misp-db
      - MYSQL_DATABASE=misp
      - MYSQL_USER=misp
      - MYSQL_PASSWORD=4u9thouFETUON
      - [email protected]
      - MISP_ADMIN_PASSPHRASE=4u9thouFETUON
      - MISP_BASEURL=http:\/\/misp\.test
      - POSTFIX_RELAY_HOST=relay.fqdn
      - TIMEZONE=Europe/Brussels
      - VIRTUAL_HOST=misp.ir.local
    networks:
      mthc:
        ipv4_address: 172.16.0.8

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0
    environment:
      - http.host=0.0.0.0
      - transport.host=0.0.0.0
      - xpack.security.enabled=false
      - cluster.name=hive
      - script.inline=true
      - thread_pool.index.queue_size=100000
      - thread_pool.search.queue_size=100000
      - thread_pool.bulk.queue_size=100000
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
    ports:
      - "9200:9200"
      - "9300:9300"
    volumes:
      - ./data/elasticsearch:/usr/share/elasticsearch/data
    networks:
      mthc:
        ipv4_address: 172.16.0.9

  cortex:
    image: thehiveproject/cortex:latest
    depends_on:
      - elasticsearch
    expose:
      - "9001"
    volumes:
      - ./conf/cortex.conf:/etc/cortex/application.conf
      - ./apps/Cortex-Analyzers:/opt/Cortex-Analyzers
      - ./data/cortex/:/data
    environment:
      - VIRTUAL_HOST=cortex.ir.local
      - VIRTUAL_PORT=9001
    networks:
      mthc:
        ipv4_address: 172.16.0.11

  thehive:
    image: thehiveproject/thehive:latest
    depends_on:
      - elasticsearch
      - cortex
    expose:
      - "9000"
    volumes:
      - ./conf/thehive.conf:/etc/thehive/application.conf
    environment:
      - VIRTUAL_HOST=thehive.ir.local
      - VIRTUAL_PORT=9000
    networks:
      mthc:
        ipv4_address: 172.16.0.12

networks:
  mthc:
    driver: bridge
    ipam:
      config:
        - subnet: 172.16.0.0/24
          gateway: 172.16.0.2

Yet i am running into a couple of errors such as:

misp-db_1        | [Entrypoint] Starting MySQL 5.7.31-1.1.17
misp-web_1       | Waiting for database to be ready...
misp-web_1       | MYSQL_PASSWORD is set to '4u9thouFETUON'
misp-web_1       | mysql: [Warning] Using a password on the command line interface can be insecure.
misp-web_1       | ERROR 1045 (28000): Access denied for user 'misp'@'172.16.0.8' (using password: YES)

cortex_1         | WARNING: An illegal reflective access operation has occurred
cortex_1         | WARNING: Illegal reflective access by com.google.inject.internal.cglib.core.$ReflectUtils$1 (file:/opt/cortex/lib/com.google.inject.guice-4.1.0.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
cortex_1         | WARNING: Please consider reporting this to the maintainers of com.google.inject.internal.cglib.core.$ReflectUtils$1
cortex_1         | WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
cortex_1         | WARNING: All illegal access operations will be denied in a future release

nginx-proxy_1    | dockergen.1 | 2020/09/04 16:16:22 Received event die for container 0b072982f9d6
mthc_misp-web_1 exited with code 1
nginx-proxy_1    | dockergen.1 | 2020/09/04 16:16:23 Generated '/etc/nginx/conf.d/default.conf' from 6 containers
nginx-proxy_1    | dockergen.1 | 2020/09/04 16:16:23 Running 'nginx -s reload'
nginx-proxy_1    | dockergen.1 | 2020/09/04 16:16:25 Received event start for container 0b072982f9d6
misp-web_1       | Configuring postfix
nginx-proxy_1    | dockergen.1 | 2020/09/04 16:16:26 Generated '/etc/nginx/conf.d/default.conf' from 6 containers
nginx-proxy_1    | dockergen.1 | 2020/09/04 16:16:26 Running 'nginx -s reload'

In the end i get:

BRUBRAGA-M-T2CW:mthc brubraga$ docker ps
CONTAINER ID        IMAGE                                                 COMMAND                  CREATED             STATUS                          PORTS                                            NAMES
f27173d5de4d        thehiveproject/thehive:latest                         "/opt/thehive/entryp…"   About an hour ago   Up About an hour                9000/tcp                                         mthc_thehive_1
44dfe630567d        thehiveproject/cortex:latest                          "/opt/cortex/entrypo…"   About an hour ago   Up About an hour                9000-9001/tcp                                    mthc_cortex_1
0b072982f9d6        misp:latest                                           "/run.sh"                About an hour ago   Restarting (1) 10 seconds ago                                                    mthc_misp-web_1
08c63f9ac2a8        mysql/mysql-server:5.7                                "/entrypoint.sh mysq…"   About an hour ago   Up About an hour (healthy)      3306/tcp, 33060/tcp                              mthc_misp-db_1
1c67dcde4b74        jwilder/nginx-proxy                                   "/app/docker-entrypo…"   About an hour ago   Up About an hour                0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp         mthc_nginx-proxy_1
61130f92b024        docker.elastic.co/elasticsearch/elasticsearch:5.6.0   "/bin/bash bin/es-do…"   About an hour ago   Up About an hour                0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp   mthc_elasticsearch_1

Any idea what is happening here? I have changed misp-web ipv4_address since i was getting address already in use. It should not make much of a difference?

Thanks in advance

Known building issue on macOS

This issue occurred on macOS 12.2 running engine v20.10.2 and compose v1.29.2.

 => ERROR [11/19] RUN bash INSTALL_NODB.sh -A -u                                                                                                       4.4s
------                                                                                                                                                      
 > [11/19] RUN bash INSTALL_NODB.sh -A -u:                                                                                                                  
#16 3.810 sha1 matches                                                                                                                                      
#16 3.821 sha256 matches                                                                                                                                    
#16 3.838 sha384 matches                                                                                                                                    
#16 3.851 sha512 matches                                                                                                                                    
#16 3.852 tput: No value for $TERM and no -T specified
#16 3.854 -
#16 3.911 The following DB Passwords were generated...
#16 3.911 Admin (root) DB Password: 027d6197eff8b59846024cb4fc6559bbfcd30c7ca597d813de94d93be2a5dda1
#16 3.911 User  (misp) DB Password: bd3100a4ffae9e7b757b33fc114503b20f59b7eb5e5765b845d98d510c4a042a
#16 3.912 all
#16 3.912 unattended
#16 3.918     Either your platform is not easily detectable or is not supported by this
#16 3.918     installer script.
#16 3.918     Please visit the following URL for more detailed installation instructions:
#16 3.918     https://misp.github.io/MISP/
------
failed to solve: rpc error: code = Unknown desc = executor failed running [/bin/sh -c bash INSTALL_NODB.sh -A -u]: exit code: 1

pe3zx / mthc Goto Github PK

mthc's People

Contributors

Stargazers

Watchers

Forkers

mthc's Issues

Recommend Projects

Recommend Topics

Recommend Org