So-email Configuration

55 views
Skip to first unread message

Vivek Koushik

unread,
Nov 27, 2019, 5:32:19 AM11/27/19
to security-onion
Hi,

We are trying to setup email alerts for Security Onion. Followed the steps as mentioned in "https://securityonion.readthedocs.io/en/latest/email.html". Getting the below output while running sudo so-email command:

administrator@securityonion-siem:/usr/sbin$ sudo so-email

No X display found.

You'll need to either:

- use SSH X-forwarding (ssh -X)

OR

- use an answer file (sudo so-email -f so-email.conf)


Security Onion Email Setup

     Options:

        -h              This message
        -f <file>       Configure using answer file <file>

Usage: /usr/sbin/so-email


When trying command "sudo so-email -f so-email.conf", we are getting the below:

Error accessing so-email.conf

Kindly assist.

Wes Lambert

unread,
Nov 27, 2019, 4:07:36 PM11/27/19
to securit...@googlegroups.com
Did you actually copy over so-email.conf from /usr/share/securityonion, and modify it as needed? Otherwise, to run with a GUI, you will need to run on via X forwarding over SSH, or via a box with a GUI.

Thanks,
Wes

--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/security-onion/c85bdbf4-be06-45a6-9300-90a9146e7fa7%40googlegroups.com.


--

Vivek R Koushik

unread,
Nov 28, 2019, 4:17:41 AM11/28/19
to securit...@googlegroups.com
Hi,

Thank you for your quick response. 

I did try and modify the so-email.conf file. However, I was still getting the same error.

Now, I'm setting up Skedler for the Reports. Will update here if I'm able to successfully generate the required reports. 

To view this discussion on the web visit https://groups.google.com/d/msgid/security-onion/CAHjBB6GNsP_Ng_BCrLE9LcQbYo7OnzER6EOuNSiZNK6DrZiBcg%40mail.gmail.com.


--
Best Regards,
Vivek R Koushik

Andrew Albertson

unread,
Jun 2, 2020, 6:09:20 AM6/2/20
to security-onion
Sir, 

I ran into this when running a putty session. I know you can configure putty for X11 forwarding, but if you can get a console directly on the host you shouldn't get this error either.
Reply all
Reply to author
Forward
0 new messages