Azure / Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.
https://azure.microsoft.com/en-us/services/azure-sentinel/
MIT License
4.57k stars 3k forks

AWS Security Hub Connector invalid ELF header error #8527

Closed Pathward-MikeM closed 8 months ago

Pathward-MikeM commented 1 year ago

Describe the bug

AWS Security Hub function app has an error "invalid ELF header". Copy of error here:

Result: Failure
Exception: ImportError: /home/site/wwwroot/.python_packages/lib/site-packages/cryptography/hazmat/bindings/_rust.abi3.so: invalid ELF header. Troubleshooting Guide: https://aka.ms/functions-modulenotfound
Stack:
  File "/azure-functions-host/workers/python/3.8/LINUX/X64/azure_functions_worker/dispatcher.py", line 314, in _handle__function_load_request
    func = loader.load_function(
  File "/azure-functions-host/workers/python/3.8/LINUX/X64/azure_functions_worker/utils/wrappers.py", line 42, in __call__
    raise extend_exception_message(e, message)
  File "/azure-functions-host/workers/python/3.8/LINUX/X64/azure_functions_worker/utils/wrappers.py", line 40, in __call__
    return func(*args, **kwargs)
  File "/azure-functions-host/workers/python/3.8/LINUX/X64/azure_functions_worker/loader.py", line 85, in load_function
    mod = importlib.import_module(fullmodname)
  File "/usr/local/lib/python3.8/importlib/__init__.py", line 127, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "", line 1014, in _gcd_import
  File "<frozen (... etc etc)

To Reproduce

This is a read-only app that is run from a vendor-managed package. We have made no custom changes on our end. To replicate, simply deploy the function app and wait for the error to populate.

Expected behavior

No ELF header error; expected behavior is ingestion of AWS Security Hub findings into Sentinel.

Screenshots

image

github-actions[bot] commented 1 year ago

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, thanks for flagging this, we will look into this and provide an update soon.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, can you please change the runtime version to 4 and restart the function app then check the invocation logs? image

Pathward-MikeM commented 1 year ago

Hi @v-rbajaj, I updated the runtime version and am still receiving the same error. Please advise. Thanks!

image

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, we are checking on this with the team internally and will let you know once we receive an update.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, we are still checking on this with the team internally and will let you know once we receive an update.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, the error message "invalid ELF header" is related to a module import error in the Azure Function app. The error message indicates that the module "cryptography" is not loading properly. The error message suggests that the issue is with the "rust" module, which is a dependency of the "cryptography" module.

Please follow this document for help on troubleshooting. https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/azure-functions/recover-python-functions.md.
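
The loader reports "invalid ELF header" when the file at that path does not parse as an ELF shared object. The following is an added example, not part of this thread or of the connector's code: it scans a deployment zip for native modules whose header is not ELF 64-bit x86-64 (the worker path in the traceback is LINUX/X64). The sample package and its file contents are constructed for the demonstration.

```python
import io
import struct
import zipfile

# e_machine values from the ELF specification
ELF_MACHINES = {0x03: "x86", 0x3E: "x86-64", 0x28: "arm", 0xB7: "aarch64"}
MACHO_MAGICS = {b"\xfe\xed\xfa\xce", b"\xce\xfa\xed\xfe", b"\xfe\xed\xfa\xcf",
                b"\xcf\xfa\xed\xfe", b"\xca\xfe\xba\xbe"}
NATIVE_SUFFIXES = (".so", ".pyd", ".dylib")

def classify_binary(head: bytes) -> str:
    """Name the binary format from the first 20 bytes of a file."""
    if head[:4] == b"\x7fELF":
        if len(head) < 20:
            return "ELF (truncated)"
        bits = {1: "32-bit", 2: "64-bit"}.get(head[4], "unknown-class")
        endian = "<" if head[5] == 1 else ">"   # EI_DATA: 1 = little-endian
        (machine,) = struct.unpack_from(endian + "H", head, 18)  # e_machine
        return f"ELF {bits} {ELF_MACHINES.get(machine, hex(machine))}"
    if head[:2] == b"MZ":
        return "PE (Windows)"
    if head[:4] in MACHO_MAGICS:
        return "Mach-O (macOS)"
    return "empty" if not head else "unrecognised"

def scan_package(zip_bytes: bytes, expected: str = "ELF 64-bit x86-64"):
    """Return (member, format) for each native module that is not `expected`."""
    mismatches = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            if name.endswith(NATIVE_SUFFIXES):
                with zf.open(name) as fh:
                    fmt = classify_binary(fh.read(20))
                if fmt != expected:
                    mismatches.append((name, fmt))
    return mismatches

def build_sample_package() -> bytes:
    """Constructed package: one valid ELF module, one with a Windows header."""
    site = ".python_packages/lib/site-packages/"
    elf = b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8 + struct.pack("<HH", 3, 0x3E)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(site + "_cffi_backend.cpython-38-x86_64-linux-gnu.so", elf)
        zf.writestr(site + "cryptography/hazmat/bindings/_rust.abi3.so",
                    b"MZ" + b"\x00" * 62)
    return buf.getvalue()

if __name__ == "__main__":
    for member, fmt in scan_package(build_sample_package()):
        print(f"{member}: {fmt}")
```

To check a real package, pass the bytes of the zip file to `scan_package`; an empty result means every native module in it carries an ELF 64-bit x86-64 header.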

Pathward-MikeM commented 1 year ago

Hi @v-rbajaj, this function app runs from a package file. We do not make changes to the package file as that would prevent future updates - this is Azure best practice. Your recommended path to remediation would involve disabling the run from package setting, thereby preventing future updates. Please correct me if I am wrong here? Thanks!

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, we will get back to you on this.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, we are looking into the query asked here, we will get back to you once there is an update.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, we are looking into the query asked here, we will get back to you once there is an update.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, we are trying to reproduce this issue.

v-rbajaj commented 1 year ago

Thanks for your patience @Pathward-MikeM, we are able to reproduce the issue, we are figuring out the fix.

Just wanted to know, have you read the readme file and did the configuration as per the readme file?

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, can you please look into the above comment?

Pathward-MikeM commented 1 year ago

Hi yes I have done all the configuration steps as part of the readme and configuration. Thanks

Pathward-MikeM commented 1 year ago

Is there a way to revert to a previous stable version?

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, I'll get back to you on this as we are reaching out to concerned team. Apologies for the delay in response.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, sorry for the delay, we are reaching out to concerned team and will get back to you with details by 21st Sept

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, sorry for the delay, we are reaching out to concerned team for this issue.

v-rbajaj commented 1 year ago

Hi @Pathward-MikeM, sorry for the delay, we are reaching out to concerned team for this issue, will update you by 17 Oct 2023.

rcscoggin commented 1 year ago

Any updates on this issue, it is after 10/17.

v-rbajaj commented 1 year ago

Hi @rcscoggin, sorry for the delay, please give us more time to investigate till 31 Oct 2023.

v-rbajaj commented 12 months ago

Hi @Pathward-MikeM , sorry for the delay, please give us more time to investigate till 03 Nov 2023.

v-rbajaj commented 11 months ago

Hi @Pathward-MikeM , sorry for the delay, please give us more time to investigate till 08 Nov 2023.

v-rbajaj commented 11 months ago

Hi @Pathward-MikeM , we are still investigating on this issue, please give us more time to investigate till 10 Nov 2023.

Pathward-MikeM commented 11 months ago

Is there anything I can do to assist? Are other users not experiencing this issue?

v-rbajaj commented 11 months ago

Hi @Pathward-MikeM, our current challenge centers around identifying a specific missing module in our Function App that is causing this issue, which we feel is the ideal fix. Despite our successful reproduction of the issue via function app deployment on Azure, we are still not able to figure out the module; we need to perform local testing. It's noteworthy that other users haven't reported this issue yet.

v-muuppugund commented 11 months ago

Hi @Pathward-MikeM, noticed the issue related to packages while debugging the code and working on it, will update you by 20Nov23.

rcscoggin commented 11 months ago

That's great news, thanks, Murali.


From: Murali Krishna Dev Uppugunduri @.> Sent: Thursday, November 16, 2023 9:54 AM To: Azure/Azure-Sentinel @.> Cc: rodger scoggin @.>; Mention @.> Subject: Re: [Azure/Azure-Sentinel] AWS Security Hub Connector invalid ELF header error (Issue #8527)

v-muuppugund commented 11 months ago

Hi @Pathward-MikeM, fixed a few dependency issues, as there are version compatibility issues, so it's taking time to address those issues; will get back to you with updates by 23Nov23. Thanks.

v-muuppugund commented 11 months ago

Hi @Pathward-MikeM, I have fixed the package issues locally and deployed from VS Code. Please find the screenshot below for reference, with incremented Python version, i.e. 3.9. Having packaging issues; once done, will share the package for testing.

image

Pathward-MikeM commented 10 months ago

Hi @v-muuppugund any update?

v-muuppugund commented 10 months ago

Hi @Pathward-MikeM, apologies for the late response. As I was blocked with a high-priority issue, I was unable to focus on this issue; will get back to you with an update by 13Dec2023.

v-muuppugund commented 10 months ago

Hi @Pathward-MikeM, apologies for the late response. As I was blocked with a high-priority issue, I was unable to focus on this issue; will get back to you with an update by 13Dec2023. Hi @Pathward-MikeM, till yesterday I was working on the high-priority issue; will focus on this ASAP and share updates.

Pathward-MikeM commented 10 months ago

Hi team, any update?

v-muuppugund commented 10 months ago

Hi @Pathward-MikeM, working on this one, will share updates by EOD.

v-muuppugund commented 10 months ago

Hi @Pathward-MikeM, please use the package URL, i.e. https://github.com/Azure/Azure-Sentinel/raw/users/v-muuppugund/AWSchanges/DataConnectors/AWS-SecurityHubFindings/AzFunAWSSecurityHubIngestion.zip. Point this URL to WEBSITE_RUN_FROM_PACKAGE in the existing function app settings and restart the function app. Please let me know if you have any issues; will connect over a Teams meeting.

Pathward-MikeM commented 10 months ago

Hi @v-muuppugund, good morning! I unfortunately am still receiving an error. Screenshot is attached. image

v-muuppugund commented 10 months ago

Hi @Pathward-MikeM, apologies for the delayed response. For me, I am not getting issues as I don't have valid account credentials to check this issue. Could you please share your email ID and convenient time slots for troubleshooting this issue via a Teams meeting?

Pathward-MikeM commented 10 months ago

Hi, can you drop your email and I will send you an email with availability? Thank you!

v-muuppugund commented 10 months ago

Hi @Pathward-MikeM, apologies for the delayed response. I don't see an email ID on your profile; could you please share a couple of time slots to (v-muuppugund@microsoft.com) for a Teams meeting? Thanks.

v-sudkharat commented 10 months ago

Hi @Pathward-MikeM, could you please confirm whether you have sent your time slots to the above-mentioned mail ID? Thanks!

Pathward-MikeM commented 10 months ago

Hi all, yes I have sent an email to begin scheduling a call. Thanks!

v-muuppugund commented 10 months ago

Hi @Pathward-MikeM, blocked time for the issue troubleshooting; please let me know if this time isn't convenient.

v-muuppugund commented 10 months ago

Hi @Pathward-MikeM, as discussed over the call today, I am trying the setup in our AWS environment and will update you.

v-muuppugund commented 9 months ago

Hi @Pathward-MikeM, as discussed on last Thursday's call, i.e. 28Dec2023, the initial error is fixed with the package shared by me, and the error is now occurring during token generation. We have an environment and I am working on using that to replicate the same issue at my end; if required, will let you know.