Hello,
I tried to install SO (
https://github.com/Security-Onion-Solutions/security-onion/wiki/InstallingOnUbuntu) and got errors during installation (step 13):
Setting up securityonion-sguil-agent-ossec (20120726-0ubuntu0securityonion15) ...
/etc/nsm/ossec/ossec_agent.conf does not exist, copying.
Setting up securityonion-sguil-sensor (20141004-0ubuntu0securityonion9) ...
* Reloading AppArmor profiles [100G Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
[94G[ OK ]
* If running any sensor processes, please restart them by running the following:
sudo nsm_sensor_ps-restart
* OR restart all NSM processes by running the following:
sudo service nsm restart
Setting up securityonion-daq (2.0.4-0ubuntu0securityonion2) ...
Setting up securityonion-pfring-daq (20121107-0ubuntu0securityonion9) ...
Setting up securityonion-snort (2.9.7.2-0ubuntu0securityonion2) ...
touch: cannot touch `/etc/nsm/rules/white_list.rules': No such file or directory
dpkg: error processing securityonion-snort (--configure):
subprocess installed post-installation script returned error exit status 1
Setting up securityonion-sostat (20120722-0ubuntu0securityonion34) ...
Setting up securityonion-suricata (2.0.8-0ubuntu0securityonion1) ...
dpkg: dependency problems prevent configuration of securityonion-sensor:
securityonion-sensor depends on securityonion-snort; however:
Package securityonion-snort is not configured yet.
dpkg: error processing securityonion-sensor (--configure):
dependency problems - leaving unconfigured
Setting up securityonion-capme (20121213-0ubuntu0securityonion20) ...