Deploying Fresh install of Minemeld

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Deploying Fresh install of Minemeld

L1 Bithead

After following complete steps to install Minemeld on Ubuntu 14.04.  I run into this error on the last command from this link for manual installation.

 

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-install-MineMeld-on-Ubuntu-Server-14...

 

Step 6 has you verify the Minemeld services have started.  I get this error. 

 

Command -

sudo -u minemeld /opt/minemeld/engine/current/bin/supervisorctl -c /opt/minemeld/local/supervisor/config/supervisord.conf status

Output - 

sudo: /opt/minemeld/engine/current/bin/supervisorctl: command not found

 

Thanks

11 REPLIES 11

L7 Applicator

Hi @svacca,

could you paste the output of "ls /opt" ?

 

Thanks,

luigi

 

stacy@ubuntu:~$ ls /opt

minemeld

stacy@ubuntu:~$

Hi @svacca,

did you see an error when running the apt-get command?

 

Luigi

I just reran the command -

 

stacy@ubuntu:~$ sudo apt-get update && sudo apt-get install -y iptables-persistent

[sudo] password for stacy:

Ign http://us.archive.ubuntu.com trusty InRelease

Get:1 http://us.archive.ubuntu.com trusty-updates InRelease [65.9 kB]          

Hit http://minemeld-updates.panw.io trusty-minemeld InRelease                  

Hit http://minemeld-updates.panw.io trusty-minemeld/main amd64 Packages        

Hit http://minemeld-updates.panw.io trusty-minemeld/main i386 Packages         

Get:2 http://security.ubuntu.com trusty-security InRelease [65.9 kB]           

Hit http://us.archive.ubuntu.com trusty-backports InRelease                 

Hit http://us.archive.ubuntu.com trusty Release.gpg                            

Get:3 http://us.archive.ubuntu.com trusty-updates/main Sources [424 kB]        

Get:4 http://us.archive.ubuntu.com trusty-updates/restricted Sources [6,322 B]

Get:5 http://us.archive.ubuntu.com trusty-updates/universe Sources [214 kB]    

Get:6 http://us.archive.ubuntu.com trusty-updates/multiverse Sources [7,443 B]

Get:7 http://security.ubuntu.com trusty-security/main Sources [165 kB]         

Get:8 http://us.archive.ubuntu.com trusty-updates/main amd64 Packages [1,115 kB]

Get:9 http://us.archive.ubuntu.com trusty-updates/restricted amd64 Packages [17.2 kB]

Get:10 http://us.archive.ubuntu.com trusty-updates/universe amd64 Packages [496 kB]

Get:11 http://us.archive.ubuntu.com trusty-updates/multiverse amd64 Packages [14.6 kB]

Ign http://minemeld-updates.panw.io trusty-minemeld/main Translation-en_US     

Get:12 http://us.archive.ubuntu.com trusty-updates/main i386 Packages [1,055 kB]

Get:13 http://security.ubuntu.com trusty-security/restricted Sources [4,931 B]

Ign http://minemeld-updates.panw.io trusty-minemeld/main Translation-en        

Get:14 http://us.archive.ubuntu.com trusty-updates/restricted i386 Packages [17.1 kB]

Get:15 http://us.archive.ubuntu.com trusty-updates/universe i386 Packages [481 kB]

Get:16 http://security.ubuntu.com trusty-security/universe Sources [85.1 kB]

Get:17 http://us.archive.ubuntu.com trusty-updates/multiverse i386 Packages [15.0 kB]

Hit http://us.archive.ubuntu.com trusty-updates/main Translation-en            

Hit http://us.archive.ubuntu.com trusty-updates/multiverse Translation-en   

Get:18 http://security.ubuntu.com trusty-security/multiverse Sources [3,273 B]

Hit http://us.archive.ubuntu.com trusty-updates/restricted Translation-en      

Get:19 http://security.ubuntu.com trusty-security/main amd64 Packages [781 kB]

Hit http://us.archive.ubuntu.com trusty-updates/universe Translation-en        

Hit http://us.archive.ubuntu.com trusty-backports/main Sources                 

Hit http://us.archive.ubuntu.com trusty-backports/restricted Sources           

Hit http://us.archive.ubuntu.com trusty-backports/universe Sources             

Hit http://us.archive.ubuntu.com trusty-backports/multiverse Sources      

Hit http://us.archive.ubuntu.com trusty-backports/main amd64 Packages      

Hit http://us.archive.ubuntu.com trusty-backports/restricted amd64 Packages

Hit http://us.archive.ubuntu.com trusty-backports/universe amd64 Packages      

Hit http://us.archive.ubuntu.com trusty-backports/multiverse amd64 Packages    

Get:20 http://security.ubuntu.com trusty-security/restricted amd64 Packages [14.2 kB]

Hit http://us.archive.ubuntu.com trusty-backports/main i386 Packages           

Hit http://us.archive.ubuntu.com trusty-backports/restricted i386 Packages     

Hit http://us.archive.ubuntu.com trusty-backports/universe i386 Packages

Get:21 http://security.ubuntu.com trusty-security/universe amd64 Packages [266 kB]

Hit http://us.archive.ubuntu.com trusty-backports/multiverse i386 Packages

Hit http://us.archive.ubuntu.com trusty-backports/main Translation-en          

Hit http://us.archive.ubuntu.com trusty-backports/multiverse Translation-en

Get:22 http://security.ubuntu.com trusty-security/multiverse amd64 Packages [4,805 B]

Hit http://us.archive.ubuntu.com trusty-backports/restricted Translation-en

Get:23 http://security.ubuntu.com trusty-security/main i386 Packages [718 kB]

Hit http://us.archive.ubuntu.com trusty-backports/universe Translation-en

Hit http://us.archive.ubuntu.com trusty Release                                

Hit http://us.archive.ubuntu.com trusty/main Sources                     

Hit http://us.archive.ubuntu.com trusty/restricted Sources                     

Get:24 http://security.ubuntu.com trusty-security/restricted i386 Packages [13.9 kB]

Hit http://us.archive.ubuntu.com trusty/universe Sources                       

Hit http://us.archive.ubuntu.com trusty/multiverse Sources        

Get:25 http://security.ubuntu.com trusty-security/universe i386 Packages [253 kB]

Hit http://us.archive.ubuntu.com trusty/main amd64 Packages                

Hit http://us.archive.ubuntu.com trusty/restricted amd64 Packages              

Hit http://us.archive.ubuntu.com trusty/universe amd64 Packages                

Get:26 http://security.ubuntu.com trusty-security/multiverse i386 Packages [4,945 B]

Hit http://us.archive.ubuntu.com trusty/multiverse amd64 Packages              

Hit http://us.archive.ubuntu.com trusty/main i386 Packages        

Hit http://us.archive.ubuntu.com trusty/restricted i386 Packages 

Hit http://security.ubuntu.com trusty-security/main Translation-en 

Hit http://us.archive.ubuntu.com trusty/universe i386 Packages      

Hit http://us.archive.ubuntu.com trusty/multiverse i386 Packages    

Hit http://security.ubuntu.com trusty-security/multiverse Translation-en

Hit http://us.archive.ubuntu.com trusty/main Translation-en        

Hit http://us.archive.ubuntu.com trusty/multiverse Translation-en 

Hit http://security.ubuntu.com trusty-security/restricted Translation-en

Hit http://security.ubuntu.com trusty-security/universe Translation-en

Hit http://us.archive.ubuntu.com trusty/restricted Translation-en

Hit http://us.archive.ubuntu.com trusty/universe Translation-en

Ign http://us.archive.ubuntu.com trusty/main Translation-en_US

Ign http://us.archive.ubuntu.com trusty/multiverse Translation-en_US

Ign http://us.archive.ubuntu.com trusty/restricted Translation-en_US

Ign http://us.archive.ubuntu.com trusty/universe Translation-en_US

Fetched 6,310 kB in 3s (1,748 kB/s)                

Reading package lists... Done

Reading package lists... Done

Building dependency tree       

Reading state information... Done

iptables-persistent is already the newest version.

0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.

stacy@ubuntu:~$

I replied to this twice now, and it seems to be disappearing.  Did you see it?

I reinstalled everything and still run into the same issues.  I am attaching full text output from install.

The VM can't reach minemeld update server (I just checked and it is working). Maybe a rule on the firewall?

 

CRITICAL:0.9.11 Error running curl: curl: (22) The requested URL returned error: 503 Service Unavailable

Traceback (most recent call last):
  File "/usr/sbin/minemeld-auto-update", line 787, in <module>
    main()
  File "/usr/sbin/minemeld-auto-update", line 775, in main
    deploy_package(p, config)
  File "/usr/sbin/minemeld-auto-update", line 516, in deploy_package
    curl_options=config.get('curl-options', None)
  File "/usr/sbin/minemeld-auto-update", line 303, in download_via_curl
    stderr=subprocess.STDOUT
  File "/usr/lib/python2.7/subprocess.py", line 573, in check_output
    raise CalledProcessError(retcode, cmd, output=output)
subprocess.CalledProcessError: Command 'curl -k  -f -s -A "MineMeld/0.9.11" --show-error http://minemeld-updates.panw.io/stage2/0_9/minemeld-core-0.9.50.post1-linux-x86_64.tar.gz -o /tmp/minemeld-engine5msjQI' returned non-zero exit status 22

Thanks, I found the issue.  I was doing strict data filtering.  Now I have run into another issue.   Now I run the last command and get this output.

 

root@ubuntu:~# sudo -u minemeld /opt/minemeld/engine/current/bin/supervisorctl -c /opt/minemeld/local/supervisor/config/supervisord.conf status

minemeld-engine                  FATAL     Exited too quickly (process log may have details)

minemeld-supervisord-listener    RUNNING   pid 4910, uptime 0:02:32

minemeld-traced                  RUNNING   pid 4912, uptime 0:02:32

minemeld-web                     FATAL     Exited too quickly (process log may have details)

 

I can open the webpage, but can not log in.  I have attached all log files for install.

 

Thoughts?

Thanks, Stacy

Hi @svacca,

we are fixing a bug in the installation, could you use the Ansible playbook in the meantime?

https://github.com/PaloAltoNetworks/minemeld-ansible

 

Thanks,

luigi

How soon will the script be fixed for the install? Please let me know and i can test for you. Thanks Stacy

Luigi, Do you know when the bug will be fixed in the script? I am able to get the MineMeld server running with an older PIP install. But if i try to make any changes in the system, the engines will not restart. Thanks, Stacy
  • 9838 Views
  • 11 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!