Ubuntu 18.04 install errors

Reply
Highlighted
L1 Bithead

Re: Ubuntu 18.04 install errors

No Problems @Carlos_Gomes. I ran the docker instructions from the following URI: https://live.paloaltonetworks.com/t5/MineMeld-Articles/Running-MineMeld-using-Docker/ta-p/289062 Installed it on Centos 7.7 no problems at all. Haven't used the particular miner that your using so not sure if same issue is still there for that particular agent. Would love to see Application updated to support Python3 though as who knows what kind of security bugs might eventual turn up in the container itself if still using all old python packages in the container. Will keep an eye on developments and might move back to Ansible version of Minemeld later, however docker version working pretty good at this stage. I'll just export config and import on Ansible Version once its determined as no longer broken or at least trial it again once we know Python 3 work has been done.
Highlighted
L3 Networker

Re: Ubuntu 18.04 install errors

Thank you @Paul_Stinson this is helpful, i will try to see if with the docker version minemeld core works and is stable. Minemeld-ansible version stops working for me after 24 hours or so and i then need to re-run the playbook so it is not sustainable but it didn't need many of those fixes we had to do to minemeld core version which is strange in itself. However i don't want to have to run the playbook every 24 hours, or have to write some sort of script that monitors when its broken to then run the playbook. And like you i agree too, python2.7 being deprecated and this being a sec tool it should be running in the latest versions for better support and security. Hopefully the minemeld developers have been quiet because they are all working away for the community in building a better version and more secure. Time will tell... thanks again.

Highlighted
L1 Bithead

Re: Ubuntu 18.04 install errors

Hello,

I solved the  error below  :

 

" ImportError: librrd.so.4: cannot open shared object file: No such file or directory"    ;

perfoming the following steps :

 

  • systemctl stop minemeld
  • updatedb                     [ update database for locate command ]
  • locate -i librrd.so        [ look for available librrd.so libraries . Note . if should find /usr/lib/x86_64-linux-gnu/librrd.so.8  ]
  • cd /usr/lib/x86_64-linux-gnu/
  • ln -s librrd.so.8 librrd.so.4
  • systemctl start minemeld

 

 

After this steps , the login fase with default [admin/minemeld  ] credenctial works fine.

 

 

Ciao,

Daniele

 

 

Ciao,
Daniele
Tags (1)
Highlighted
L3 Networker

Re: Ubuntu 18.04 install errors

@Paul_Stinson so i tested the docker version and the same issues out of the box apply when connecting a miner to Alienvault... so annoying this whole thing. only minemeld-ansible release works with it but it doesnt stay up for longer than 24hours. This product is so buggy for me. i wish it just worked.

Highlighted
L3 Networker

Re: Ubuntu 18.04 install errors

These are the errors i get. I know on minemeld core i fix it by upgrading the libtaxii to latest version but this is in docker so no idea how to do it here.

 

2020-02-10T17:38:23 (153)basepoller._polling_loop INFO: Polling AlienVault_Any_Miner
2020-02-10T17:38:23 (153)basepoller._poll ERROR: Exception in polling loop for AlienVault_Any_Miner: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)>
Traceback (most recent call last):
File "/opt/minemeld/engine/0.9.66/local/lib/python2.7/site-packages/minemeld/ft/basepoller.py", line 737, in _poll
performed = self._polling_loop()
File "/opt/minemeld/engine/0.9.66/local/lib/python2.7/site-packages/minemeld/ft/basepoller.py", line 584, in _polling_loop
iterator = self._build_iterator(now)
File "/opt/minemeld/engine/0.9.66/local/lib/python2.7/site-packages/minemeld/ft/taxii.py", line 1131, in _build_iterator
self._discover_services(tc)
File "/opt/minemeld/engine/0.9.66/local/lib/python2.7/site-packages/minemeld/ft/taxii.py", line 292, in _discover_services
resp = self._call_taxii_service(self.discovery_service, tc, request)
File "/opt/minemeld/engine/0.9.66/local/lib/python2.7/site-packages/minemeld/ft/taxii.py", line 282, in _call_taxii_service
port=port
File "/opt/minemeld/engine/0.9.66/local/lib/python2.7/site-packages/libtaxii/clients.py", line 337, in call_taxii_service2
response = urllib.request.urlopen(req)
File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python2.7/urllib2.py", line 429, in open
response = self._open(req, data)
File "/usr/lib/python2.7/urllib2.py", line 447, in _open
'_open', req)
File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
File "/opt/minemeld/engine/0.9.66/local/lib/python2.7/site-packages/libtaxii/clients.py", line 363, in https_open
return self.do_open(self.get_connection, req)
File "/usr/lib/python2.7/urllib2.py", line 1198, in do_open
raise URLError(err)
URLError: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)>

Highlighted
L3 Networker

Re: Ubuntu 18.04 install errors

another update i was able to follow my own notes to update the libtaxii within the docker container, i would think that if the container stops running or the linux vm restarts the changes i made will need to be redone. i have yet to test this. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!