JPCERTCC / LogonTracer

Investigate malicious Windows logon by visualizing and analyzing Windows event log

The Docker deployment project is not running properly #119

Closed qing-root closed 2 years ago

qing-root commented 2 years ago

I tried deploying LogonTracer with Docker:

    sudo docker run \
        --detach \
        --publish=7474:7474 --publish=7687:7687 --publish=8080:8080 \
        -e LTHOSTNAME=192.168.3.132 \
        -e TZ=Asia/Shanghai \
        jpcertcc/docker-logontracer

After the preceding command is executed, ports 8080, 7474 and 7687 are monitored normally, but I can't access the web page properly:

    curl 192.168.3.132:8080
    curl: (7) Failed to connect to 192.168.3.132 port 8080: Connection refused


shu-tom commented 2 years ago

Please check your container log:

    docker logs [CONTAINER ID]

qing-root commented 2 years ago

    sudo docker logs 6676
    2021-11-21 00:39:52,589 INFO supervisord started with pid 7
    2021-11-21 00:39:53,591 INFO spawned: 'logontracer' with pid 109
    2021-11-21 00:39:53,593 INFO spawned: 'neo4j' with pid 110
    2021-11-21 00:39:55,081 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
    2021-11-21 00:39:55,081 INFO success: neo4j entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
    2021-11-21 00:40:10,438 INFO exited: logontracer (exit status 1; not expected)
    2021-11-21 00:40:11,441 INFO spawned: 'logontracer' with pid 274
    2021-11-21 00:40:12,443 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
    2021-11-21 00:40:22,758 INFO exited: logontracer (exit status 1; not expected)
    2021-11-21 00:40:23,762 INFO spawned: 'logontracer' with pid 279
    2021-11-21 00:40:24,766 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
    2021-11-21 00:40:35,069 INFO exited: logontracer (exit status 1; not expected)
    2021-11-21 00:40:36,076 INFO spawned: 'logontracer' with pid 283
    2021-11-21 00:40:37,078 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
    2021-11-21 00:40:50,438 INFO exited: logontracer (exit status 1; not expected)
    2021-11-21 00:40:51,441 INFO spawned: 'logontracer' with pid 287
    2021-11-21 00:40:52,443 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
    2021-11-21 00:41:02,829 INFO exited: logontracer (exit status 1; not expected)

It seems to have been abnormally withdrawn. Could you help me? Thank you very much.

shu-tom commented 2 years ago

It seems that Neo4j is not working. Please use docker-compose. https://github.com/JPCERTCC/LogonTracer/wiki/setup-with-docker-compose
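
Added example, not part of the original thread and not LogonTracer code: a small Python triage script that reads supervisord output like the log posted above and reports which program is stuck in a restart loop. The sample lines are copied from the thread; the function names and the restart threshold of 2 are assumptions made for this example.

```python
import re
import sys
from collections import defaultdict

# Sample input: the first lines of the supervisord log posted in the thread.
SAMPLE_LOG = """\
2021-11-21 00:39:52,589 INFO supervisord started with pid 7
2021-11-21 00:39:53,591 INFO spawned: 'logontracer' with pid 109
2021-11-21 00:39:53,593 INFO spawned: 'neo4j' with pid 110
2021-11-21 00:39:55,081 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2021-11-21 00:39:55,081 INFO success: neo4j entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2021-11-21 00:40:10,438 INFO exited: logontracer (exit status 1; not expected)
2021-11-21 00:40:11,441 INFO spawned: 'logontracer' with pid 274
2021-11-21 00:40:12,443 INFO success: logontracer entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2021-11-21 00:40:22,758 INFO exited: logontracer (exit status 1; not expected)
"""

SPAWNED = re.compile(r"INFO spawned: '([^']+)' with pid \d+")
EXITED = re.compile(r"INFO exited: (\S+) \((.+?); (not expected|expected)\)")

def summarize(log_text):
    """Count spawns and unexpected exits per supervisord program."""
    stats = defaultdict(lambda: {"spawns": 0, "unexpected_exits": 0, "reasons": set()})
    for line in log_text.splitlines():
        if m := SPAWNED.search(line):
            stats[m.group(1)]["spawns"] += 1
        elif m := EXITED.search(line):
            name, reason, verdict = m.groups()
            if verdict == "not expected":
                stats[name]["unexpected_exits"] += 1
                stats[name]["reasons"].add(reason)
    return dict(stats)

def crash_looping(stats, threshold=2):
    """Programs with `threshold` or more unexpected exits (assumed cut-off)."""
    return sorted(n for n, s in stats.items() if s["unexpected_exits"] >= threshold)

if __name__ == "__main__":
    # Usage: docker logs [CONTAINER ID] 2>&1 | python3 this_script.py
    text = SAMPLE_LOG if sys.stdin.isatty() else sys.stdin.read()
    stats = summarize(text)
    for name in crash_looping(stats):
        s = stats[name]
        print(f"{name}: {s['unexpected_exits']} unexpected exits ({', '.join(sorted(s['reasons']))})")
    # "entered RUNNING state" only means the process outlived startsecs; it does
    # not show that the service inside (e.g. neo4j) is accepting connections.
```

On the posted log this flags only `logontracer`; `neo4j` never exits, so supervisord's RUNNING line for it cannot confirm or rule out the Neo4j problem suggested in the reply.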