ran an update, sguild won't start


Jeff Nucciarone

Sep 14, 2015, 11:25:47 AM
to security-onion
I just ran an update today (actually about 10 days behind) and upon restart I find that the sguil server won't restart.

I checked the log and saw this:


ERROR: You appear to be using an old version of the
sguil database schema that does not support the MERGE tables
Please use the migrate_event.tcl script and see the CHANGES
document for more information

. Table icmphdr returned status => icmphdr {} {} {} {} {} {} {} {} {} {} {} {} {} {} {} {} {Unable to open underlying table which is differently defined or of non-MyISAM type or doesn't exist}
*************************************************************

SGUILD: Exiting...


Before I go risking anything, I thought I would check in here first to collect some group wisdom....

Here's my version information:

=========================================================================
Last update
=========================================================================
Start-Date: 2015-09-02 17:46:53
Commandline: apt-get -y dist-upgrade
Upgrade: libexpat1:amd64 (2.0.1-7.2ubuntu1.1, 2.0.1-7.2ubuntu1.2)
End-Date: 2015-09-02 17:46:58

Start-Date: 2015-09-14 13:28:47
Commandline: apt-get -y dist-upgrade
Install: linux-headers-3.2.0-90:amd64 (3.2.0-90.128, automatic), linux-image-3.2.0-90-generic:amd64 (3.2.0-90.128, automatic), linux-headers-3.2.0-90-generic:amd64 (3.2.0-90.128, automatic)
Upgrade: bind9-host:amd64 (9.8.1.dfsg.P1-4ubuntu0.12, 9.8.1.dfsg.P1-4ubuntu0.13), dnsutils:amd64 (9.8.1.dfsg.P1-4ubuntu0.12, 9.8.1.dfsg.P1-4ubuntu0.13), linux-generic:amd64 (3.2.0.89.103, 3.2.0.90.104), libdns81:amd64 (9.8.1.dfsg.P1-4ubuntu0.12, 9.8.1.dfsg.P1-4ubuntu0.13), libslp1:amd64 (1.2.1-7.8ubuntu1, 1.2.1-7.8ubuntu1.1), libfreetype6:amd64 (2.4.8-1ubuntu2.2, 2.4.8-1ubuntu2.3), libisccc80:amd64 (9.8.1.dfsg.P1-4ubuntu0.12, 9.8.1.dfsg.P1-4ubuntu0.13), securityonion-web-page:amd64 (20141015-0ubuntu0securityonion27, 20141015-0ubuntu0securityonion28), liblwres80:amd64 (9.8.1.dfsg.P1-4ubuntu0.12, 9.8.1.dfsg.P1-4ubuntu0.13), dkms:amd64 (2.2.0.3-1ubuntu3.2, 2.2.0.3-1ubuntu3.3), linux-headers-generic:amd64 (3.2.0.89.103, 3.2.0.90.104), libbind9-80:amd64 (9.8.1.dfsg.P1-4ubuntu0.12, 9.8.1.dfsg.P1-4ubuntu0.13), linux-image-generic:amd64 (3.2.0.89.103, 3.2.0.90.104), libisccfg82:amd64 (9.8.1.dfsg.P1-4ubuntu0.12, 9.8.1.dfsg.P1-4ubuntu0.13), securityonion-elsa-extras:amd64 (20131117-1ubuntu0securityonion99, 20131117-1ubuntu0securityonion112), linux-libc-dev:amd64 (3.2.0-89.127, 3.2.0-90.128), libisc83:amd64 (9.8.1.dfsg.P1-4ubuntu0.12, 9.8.1.dfsg.P1-4ubuntu0.13)
End-Date: 2015-09-14 13:53:22

Doug Burks

Sep 14, 2015, 12:15:07 PM
to securit...@googlegroups.com
Hi Jeff,

Have you tried simply restarting the sguild service?
sudo nsm_server_ps-restart

If that results in the same error, I'd try running "sudo
sguil-db-purge" to check for any database corruption.

--
Doug Burks
Need Security Onion Training or Commercial Support?
http://securityonionsolutions.com

Jeff Nucciarone

Sep 14, 2015, 12:28:43 PM
to security-onion
I ran a mysqlcheck on securityonion_db and everything came back OK except this:


securityonion_db.icmphdr
Error : Table 'securityonion_db.icmphdr_host1-eth2_20150614' is differently defined or of non-MyISAM type or doesn't exist
Error : Table 'securityonion_db.icmphdr_host2-eth2_20150614' is differently defined or of non-MyISAM type or doesn't exist
Error : Table 'securityonion_db.icmphdr_host2-ossec_20150614' is differently defined or of non-MyISAM type or doesn't exist
Error : Table 'securityonion_db.icmphdr_host1-eth2_20150614' is differently defined or of non-MyISAM type or doesn't exist
Error : Unable to open underlying table which is differently defined or of non-MyISAM type or doesn't exist
error : Corrupt

Checking /var/lib/mysql I cannot find any .MYI file associated with this particular date. I ran a myisamchk on every file in the directory anyway but this error keeps coming up.

Jeff Nucciarone

Sep 14, 2015, 12:35:42 PM
to security-onion

Thanks Doug, the sguil-db-purge got it. Back in business.
