HASecuritySolutions / VulnWhisperer

Create actionable data from your Vulnerability Scans
https://twitter.com/VulnWhisperer
Apache License 2.0

Issues with no Data #203

Closed TrainspotterCac closed 3 years ago

TrainspotterCac commented 4 years ago

Hey All,

Thanks for the hard work that is put into creating this tool. I just want to see if anybody can point me in the right direction to get this up and running. I have followed the install guide for docker-compose and I am up to the point where it is now bringing my scan data in from NESSUS. The issue is that when I try to view the default dashboard, it shows no data and brings up the below error message:

Timelion: Error: in cell #1: Elasticsearch index not found: logstash-vulnwhisperer-*

I have followed the guide to a T, and everything mentioned in the FAQ I have completed. I have tried to create a new index but it does allow me to (as advised in the guide). Running on Ubuntu Server 18.04 - 16 GB RAM - 100 GB hard drive.

I hope somebody could help, not sure what other information is required.

Thank You.

TrainspotterCac commented 4 years ago

Steps completed to install and run :

sudo sysctl -w vm.max_map_count=262144

sudo apt-get update

sudo apt-get install software-properties-common ca-certificates apt-transport-https

sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

sudo apt-get install docker-ce

sudo systemctl start docker

sudo systemctl enable docker

sudo systemctl status docker

sudo curl -L "https://github.com/docker/compose/releases/download/1.25.0-rc2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

sudo chmod +x /usr/local/bin/docker-compose

check docker version

docker-compose --version

Git clone the Vuln Whisperer Git

git clone https://github.com/HASecuritySolutions/VulnWhisperer.git

Pull in

sudo apt-get install zlib1g-dev libxml2-dev libxslt1-dev

change directory to VulnWhisperer / configs

sudo nano frameworks_example.ini

Enter the NESSUS Details and set all other scanners to false

mkdir data

sudo chmod -R 666 data

chmod 666 /resources/elk6/logstash.yml

now start docker-compose

sudo docker-compose -f docker-compose.v6.yml up

TrainspotterCac commented 4 years ago

I have tested on 3 different Virtual Machines (Ubuntu); all have the same issue - Logstash doesn't seem to be feeding into Elasticsearch to update Kibana - if that's how it works .... it seems to get stuck on starting logstash API.
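
The Timelion error reported above can mean either that Logstash never created a `logstash-vulnwhisperer-*` index or that one exists but holds no documents. The following check separates the two cases; it is an added example, not part of this thread or of VulnWhisperer. It assumes Elasticsearch from the compose stack answers on `http://localhost:9200`; the function names and sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added diagnostic sketch; not VulnWhisperer code.
# Assumption: Elasticsearch is reachable at ES_URL (default port 9200).
ES_URL="${ES_URL:-http://localhost:9200}"
INDEX_PREFIX="logstash-vulnwhisperer-"

# Classify `_cat/indices?h=index,docs.count` output read from stdin.
# Prints: missing (no matching index), empty (index present, 0 docs),
# or ok:<total document count>.
vw_index_status() {
    awk -v p="$INDEX_PREFIX" '
        index($1, p) == 1 { found = 1; total += $2 }
        END {
            if (!found)          print "missing"
            else if (total == 0) print "empty"
            else                 print "ok:" total
        }'
}

# Query the live cluster; report "unreachable" instead of "missing"
# when Elasticsearch itself does not answer.
vw_check_live() {
    _vw_out=$(curl -fsS "$ES_URL/_cat/indices?h=index,docs.count") || {
        echo "unreachable"
        return 1
    }
    printf '%s\n' "$_vw_out" | vw_index_status
}

# Constructed sample listings (not captured from a real cluster).
SAMPLE_NO_INDEX='.kibana_1                   3
.monitoring-es-6-2020.02.14 1200'
SAMPLE_EMPTY='.kibana_1                      3
logstash-vulnwhisperer-2020.02 0'
SAMPLE_OK='.kibana_1                      3
logstash-vulnwhisperer-2020.02 1500
logstash-vulnwhisperer-2020.01 250'

# Run against the live stack only when asked: ./check.sh --live
if [ "${1:-}" = "--live" ]; then
    vw_check_live
fi
```

A result of `missing` points at the Logstash pipeline (input files or output stage), while `empty` or `ok` points at the Kibana side.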

qmontal commented 4 years ago

Hi @TrainspotterCac,

I am afraid it has been already some time since the docker-compose was done and there hasn't been further testing, and we won't be able to help much on this... This is something that needs to be reviewed once we have resources to follow up with the roadmap but it is not a priority, and usually the main issues are regarding ELK instead of VulnWhisperer...

Sorry for not being really useful over here, but I wanted you to know the current situation of the project and not create unrealistic expectations for the near future, even though I would love to solve all of it.

hsninbil commented 4 years ago

Hi all, please help me with a new installation. When I follow the steps described on GitHub, the result is many errors in ELK. Thank you.


qmontal commented 4 years ago

Hi @hsninbil,

As mentioned in the Creating Issue template, I am afraid we don't provide ELK support; regarding the instructions not working, we will work on this to fix it and make it more understandable, but there are no resources right now. Sorry for not being able to help over there.

If by any chance someone solves the problems, feel free to do a PR, that there is where the magic of open source lies :)