Comments (16)
Hi Allister,
did you edit a probe file? if so can you try lint the file, the error looks like a yml sythax error.
from zentral.
Hi Allister,
First of all, thanks for trying zentral out !
As Henry already answered, the error message you see is a YAML syntax error. But your custom config is not mounted at the right place. In the docker container, zentral expects the configuration to be in
/home/zentral/conf
. If you want to use your own conf, use the following
mounting option :
-v /Users/abanks/Downloads/zentral-conf-master:/home/zentral/conf
This will override the minimalistic configuration that we ship in the
zentral container.
The only problem left is that this minimalistic configuration (that
zentral must have used because you mounted your own at the wrong place)
should not trigger a YAML error. Did you edit it in the container ?
from zentral.
Gotcha, I gave that a spin and am now seeing a different error, which is not YAML-related, but I just JSON-linted and am not seeing where my issue is:
Check Zentral configuration
Traceback (most recent call last):
File "/home/zentral/zentral/bin/check_configuration.py", line 6, in <module>
zentral.setup()
File "/home/zentral/zentral/__init__.py", line 9, in setup
from zentral.conf import settings
File "/home/zentral/zentral/conf/__init__.py", line 65, in <module>
settings = load_config_file(find_conf_file(conf_dir, "base"))
File "/home/zentral/zentral/conf/__init__.py", line 60, in load_config_file
raise ImproperlyConfigured("{} error in file {}".format(filetype, filepath)) from None
zentral.core.exceptions.ImproperlyConfigured: JSON error in file /home/zentral/conf/base.json
This is after I moved on to the 4th setup doc and don't see any logs in /tmp/supervisorlog, it seems to not be fully starting up.
from zentral.
you possibly have a formatting problem in base.json? can you double check / lint base.json
from zentral.
Can't really help you past this point without having a look at the base.json file. Is there a way you can post it here without the secrets it might contains ?
from zentral.
Sure thing, https://gist.github.com/arubdesu/5146edbfe7c910ddf8c8
from zentral.
This config file is a valid JSON file and doesn't trigger an error on my test system. Must be something else. The gist you posted has base.conf in the title. could it be that you have both base.conf (OK, but not used) and base.json (with syntax errors, but used) in the config dir that you are mounting in the docker container ?
from zentral.
Nope, there's only the base.json, I mis-titled it.
from zentral.
Have you solved your problem or do you still need help ?
from zentral.
I'll get another chance soon, is there a new build on the docker hub?
from zentral.
I've just uploaded a new build.
from zentral.
I've gotten further along, but hit a wall trying to enroll a client with the command on step 6 here, which is also out of date as of osquery 1.6. (it should be --distributed_interval=60
and --disable_distributed=false
replace --distributed_poll_interval=60 and --distributed_enabled, respectively.
from zentral.
...and the error I'm getting is
I1110 10:41:56.673203 2107400192 tls.cpp:193] TLS/HTTPS POST request to URI: https://zentral/osquery/enroll
W1110 10:41:56.864115 2107400192 tls.cpp:75] Failed enrollment request to https://zentral/osquery/enroll (No enrollment key returned from TLS enroll plugin) retrying...
from zentral.
I am upgrading the container to have better django logs. In the meantime, you can try to check if the osquery secret match the osquery app conf in base.json.
from zentral.
yes the osqueryd flags have changed in osquery 1.6, will fix that for the doku. have you checked matching enroll secret secret in base.json
to the one used in enroll_secret.txt
?
from zentral.
I've just uploaded a new version of the zentral/zentral docker image. With this last image, you can get much more detailed logs from gunicorn, so that we can debug what's happening with your config. In order to do so, just mount a temp dir as the container supervisor log directory when you're running the container.
-v /path/to/a/writable/empty/dir:/var/log/supervisor
in the dir, you will get a file like
server_gunicorn-stderr---supervisor-_syrgv.log
It will contain all the HTTP requests to gunicorn with the eventual python errors.
from zentral.
Related Issues (20)
- Upgrade to new Django LTS 3.2
- docker deployment
- Enrollments (santa/osquery) can't be edited/removed once created HOT 1
- Manifest-side, munki/osquery enrollments can't use quota's/serials/udid's for filtering/restriction
- Minor, results view search field does not work when supplied bare integers, requires quoting
- http_post probe action fails with "NoneType object is not callable" HOT 2
- Restrict email invitation domain
- Adding TOTP to a local user repeatedly fails HOT 7
- Can't get syslog output working HOT 15
- deploy.py fails on running migrations while deploying v2021.2-100-g760f7d81 HOT 5
- export in zentral targets not working HOT 4
- Support for token auth in jamf
- Release notes date 2021 should be 2022
- AWS all in one HOT 1
- Docker deployment on cloud vm HOT 2
- Best way to retrieve osquery query run results from external app? HOT 3
- Feature request: metadata linkable to/inline with service accounts/api keys in users view
- Add identifier patterns for signing ID rules to API HOT 3
- Accept unusual Google identifiers for Signing ID Santa rules via ruleset API and rules/create in web interface HOT 1
- Ruleset API endpoint rejects signing IDs containing underscore and minus characters HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from zentral.