Installation of OpenSOC
1,007 views
Skip to first unread message
mafais...@gmail.com
Apr 22, 2015, 5:43:26 PM4/22/15
to opensoc...@googlegroups.com
Hi all,
I need to analysis a large number of PCAP files, stored in hbase on top hdfs.
I want use OpenSOC for my case. How can I do it?
In https://github.com/OpenSOC/opensoc-ui, an installation guideline is given. And in step 1:
I need to analysis a large number of PCAP files, stored in hbase on top hdfs.
I want use OpenSOC for my case. How can I do it?
In https://github.com/OpenSOC/opensoc-ui, an installation guideline is given. And in step 1:
OpenSOC UI requires access to the following services:
- ElasticSearch with OpenSOC data.
- PCAP Service for access to raw pcaps.
- Active Directory or LDAP for authentication.
Do I need all of them get installed in my system? How I need to configure them, is there any details for it?
--
Best Regards,
Mustafa
Mo Jia
Apr 26, 2015, 10:57:46 PM4/26/15
to opensoc...@googlegroups.com, mafais...@gmail.com
Do you have some Progress?
在 2015年4月23日星期四 UTC+8上午5:43:26,mafais...@gmail.com写道:
Run opensoc-ui in ubunut14.10, has error like this:
engine@engine:~$ opensoc-ui
warn: --minUptime not set. Defaulting to: 1000ms
warn: --spinSleepTime not set. Your script will exit if it does not stay up for at least 1000ms
Loading config from /home/engine/.opensoc-ui
Loading config from /home/engine/.opensoc-ui
util.js:555
ctor.prototype = Object.create(superCtor.prototype, {
^
TypeError: Cannot read property 'prototype' of undefined
at Object.exports.inherits (util.js:555:43)
at Object.<anonymous> (/usr/local/lib/node_modules/opensoc-ui/node_modules/http-proxy/lib/http-proxy/index.js:108:17)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Module.require (module.js:364:17)
at require (module.js:380:17)
at Object.<anonymous> (/usr/local/lib/node_modules/opensoc-ui/node_modules/http-proxy/lib/http-proxy.js:4:17)
at Module._compile (module.js:456:26)
worker 95209 died
util.js:555
ctor.prototype = Object.create(superCtor.prototype, {
^
TypeError: Cannot read property 'prototype' of undefined
at Object.exports.inherits (util.js:555:43)
at Object.<anonymous> (/usr/local/lib/node_modules/opensoc-ui/node_modules/http-proxy/lib/http-proxy/index.js:108:17)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Module.require (module.js:364:17)
at require (module.js:380:17)
at Object.<anonymous> (/usr/local/lib/node_modules/opensoc-ui/node_modules/http-proxy/lib/http-proxy.js:4:17)
at Module._compile (module.js:456:26)
worker 95210 died
error: Forever detected script exited with code: 0
在 2015年4月23日星期四 UTC+8上午5:43:26,mafais...@gmail.com写道:
colombo...@gmail.com
Jun 10, 2015, 8:13:50 AM6/10/15
to opensoc...@googlegroups.com, mafais...@gmail.com
Hi Mustafa,
I just finished to install opensoc-ui with pcapservice in order to visualize pcap files from hbase storage into kibana.
You will need the use of opensoc-ui of course, and the pcapservice part of Opensoc.
Don't know if you need whole of Opensoc-streaming package, but I don't think so.
In order to use it, configure your PcapService files to point to your hbase database.
configure your opensoc-ui server as explained on the git page.
Then compile the Opensoc-Pcapservice folder with maven, package it and use it by using:
java -classpath path/to/main_class -jar /path/to/jar_just_created
You will getyour pcapservice server launched, with default port 8081. I had to change some code into pcapservice java files because the http request sent by Opensoc-ui server wasn't well processed by Pcapservice, but maybe I still misunderstand some part of the process. Anyway, you should now see it work.
let me know if I was clear enough.
Pierre
I just finished to install opensoc-ui with pcapservice in order to visualize pcap files from hbase storage into kibana.
You will need the use of opensoc-ui of course, and the pcapservice part of Opensoc.
Don't know if you need whole of Opensoc-streaming package, but I don't think so.
In order to use it, configure your PcapService files to point to your hbase database.
configure your opensoc-ui server as explained on the git page.
Then compile the Opensoc-Pcapservice folder with maven, package it and use it by using:
java -classpath path/to/main_class -jar /path/to/jar_just_created
You will getyour pcapservice server launched, with default port 8081. I had to change some code into pcapservice java files because the http request sent by Opensoc-ui server wasn't well processed by Pcapservice, but maybe I still misunderstand some part of the process. Anyway, you should now see it work.
let me know if I was clear enough.
Pierre
shazia....@gmail.com
Sep 30, 2015, 10:58:19 AM9/30/15
to OpenSOC Support, mafais...@gmail.com, colombo...@gmail.com
Hi all,
Its my first time installing OpenSoc, I am getting various errors. Can anyone please brief me on how to perform the below steps:
- ElasticSearch with OpenSOC data.
- PCAP Service for access to raw pcaps.
- Active Directory or LDAP for authentication
taheri.no...@gmail.com
Sep 14, 2016, 12:16:32 AM9/14/16
to OpenSOC Support, mafais...@gmail.com, colombo...@gmail.com
dear
hello
it is my first time that i want to install and run opensoc
so i need some hint which could help me as a newbie :D
i will appreciate in advanced if you could help me
hello
it is my first time that i want to install and run opensoc
so i need some hint which could help me as a newbie :D
i will appreciate in advanced if you could help me
rony.j...@gmail.com
Feb 8, 2017, 1:49:47 PM2/8/17
to OpenSOC Support, mafais...@gmail.com
Hello there
I am new to this opensoc topic, but really wanna know how does it work and how can I install it?
Reply all
Reply to author
Forward
0 new messages