ostefano
commented
3 months ago Please post the logs before the error. Also, post the .env.
Did you try updating docker from the docker.com website?
Closed clopmz closed 2 months ago
ostefano
commented
3 months ago Please post the logs before the error. Also, post the .env.
Did you try updating docker from the docker.com website?
clopmz
commented
3 months ago Please post the logs before the error. Also, post the .env.
Did you try updating docker from the docker.com website?
Yes ... I have updated all docker images from docker.com
clopmz
commented
3 months ago More info. In misp-workers-errors.log file appears the following errors:
Error: ERR AUTH
Error: ERR AUTH
Error: ERR AUTH
ostefano
commented
3 months ago That is not what I asked, I asked whether you followed this https://docs.docker.com/engine/install/ubuntu/
ostefano
commented
3 months ago @clopmz I have asked for the other logs before the errors
ostefano
commented
3 months ago Please format the .env file appropriately
clopmz
commented
3 months ago That is not what I asked, I asked whether you followed this https://docs.docker.com/engine/install/ubuntu/
Nop ... I have installed docker using Debian 12 repository. With release v2.4.194 all was working ok without problems.
ostefano
commented
3 months ago Then please update the docker engine with what it is specified in the docker.com website.
clopmz
commented
3 months ago My .env file:
##
# Build-time variables
##
CORE_TAG=v2.4.195
MODULES_TAG=v2.4.195
PHP_VER=20190902
LIBFAUP_COMMIT=3a26d0a
# PYPY_* vars take precedence over MISP's
# PYPI_REDIS_VERSION="==5.0.*"
# PYPI_LIEF_VERSION=">=0.13.1"
# PYPI_PYDEEP2_VERSION="==0.5.*"
# PYPI_PYTHON_MAGIC_VERSION="==0.4.*"
# PYPI_MISP_LIB_STIX2_VERSION="==3.0.*"
# PYPI_MAEC_VERSION="==4.1.*"
# PYPI_MIXBOX_VERSION="==1.0.*"
# PYPI_CYBOX_VERSION="==2.1.*"
# PYPI_PYMISP_VERSION="==2.4.178"
# CORE_COMMIT takes precedence over CORE_TAG
# CORE_COMMIT=c56d537
# MODULES_COMMIT takes precedence over MODULES_TAG
# MODULES_COMMIT=de69ae3
##
# Run-time variables
##
# Email/username for user #1, defaults to MISP's default (admin@admin.test)
ADMIN_EMAIL=admin.cti@mydomain.com
# name of org #1, default to MISP's default (ORGNAME)
ADMIN_ORG=MISP Platform.
# defaults to an automatically generated one
ADMIN_KEY=
# defaults to MISP's default (admin)
ADMIN_PASSWORD=
# defaults to 'passphrase'
GPG_PASSPHRASE=mypassinternal
# defaults to 1 (the admin user)
CRON_USER_ID=1
# defaults to 'https://localhost'
BASE_URL=https://misp.mydomain.com
# store settings in db except those that must stay in config.php. true/false, defaults to false
ENABLE_DB_SETTINGS=true
# optional and used by the mail sub-system
SMARTHOST_ADDRESS=mail.mydomain.com
SMARTHOST_PORT=25
SMARTHOST_USER=
SMARTHOST_PASSWORD=
SMARTHOST_ALIASES=
# optional comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)
# For this to work ADMIN_KEY must be set, or AUTOGEN_ADMIN_KEY must be true (default)
SYNCSERVERS=
# note: if you have more than one syncserver, you need to update docker-compose.yml
SYNCSERVERS_1_URL=
SYNCSERVERS_1_NAME=
SYNCSERVERS_1_UUID=
SYNCSERVERS_1_KEY=
# optional and used to set mysql db and credentials
# MYSQL_HOST=
# MYSQL_PORT=
MYSQL_USER=cti
MYSQL_PASSWORD=f14abaeb07160033d60114110a6af2c06abd59416f8b9b38dc551d6342a18c2b
MYSQL_ROOT_PASSWORD=c40aa130af1eb54d8ace33fc5e8d13e4dab7b8e1e2532164e7d135f8fa541c13
MYSQL_DATABASE=dbmisp
# These variables allows overriding some MISP email values.
# They all default to ADMIN_EMAIL.
# MISP.email, used for notifications. Also used
# for GnuPG.email and GPG autogeneration.
MISP_EMAIL=admin.cti@mydomain.com
# MISP.contact, the e-mail address that
# MISP should include as a contact address
# for the instance's support team.
MISP_CONTACT=support@mydomain.com
# Enable GPG autogeneration (default true)
# AUTOCONF_GPG=true
# Enable admin (user #1) API key autogeneration
# if ADMIN_KEY is not set above (default true)
# AUTOGEN_ADMIN_KEY=true
# Disable IPv6 completely
DISABLE_IPV6=true
# Disable SSL redirect
DISABLE_SSL_REDIRECT=true
# Enable OIDC authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/OidcAuth/README.md
# OIDC_ENABLE=true
# OIDC_PROVIDER_URL=
# OIDC_CLIENT_ID=
# OIDC_CLIENT_SECRET=
# OIDC_ROLES_PROPERTY="roles"
# OIDC_ROLES_MAPPING="{\"admin\": \"1\"}"
# OIDC_DEFAULT_ORG=
# Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
# NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component, users should not be able to control the HTTP header configured in LDAP_APACHE_ENV (e.g. REMOTE_USER).
# This means you must not allow direct access to MISP.
# LDAP_ENABLE=true
# LDAP_APACHE_ENV="REMOTE_USER"
# LDAP_SERVER="ldap://your_domain_controller"
# LDAP_STARTTLS=true
# LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"
# LDAP_READER_PASSWORD="password"
# LDAP_DN="OU=Users,DC=domain,DC=net"
# LDAP_SEARCH_FILTER=""
# LDAP_SEARCH_ATTRIBUTE="uid"
# LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]"
# LDAP_DEFAULT_ROLE_ID="3"
# LDAP_DEFAULT_ORG="1"
# LDAP_EMAIL_FIELD="[\"mail\"]"
# LDAP_OPT_PROTOCOL_VERSION="3"
# LDAP_OPT_NETWORK_TIMEOUT="-1"
# LDAP_OPT_REFERRALS=false
# Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md
# AAD_ENABLE=true
# AAD_CLIENT_ID=
# AAD_TENANT_ID=
# AAD_CLIENT_SECRET=
# AAD_REDIRECT_URI="https://misp.mydomain.com/users/login"
# AAD_PROVIDER="https://login.microsoftonline.com/"
# AAD_PROVIDER_USER="https://graph.microsoft.com/"
# AAD_MISP_USER="Misp Users"
# AAD_MISP_ORGADMIN="Misp Org Admins"
# AAD_MISP_SITEADMIN="Misp Site Admins"
# AAD_CHECK_GROUPS=false
# Enable the use of a Proxy server
# PROXY_ENABLE=true
# PROXY_HOST=
# PROXY_PORT=
# PROXY_METHOD=
# PROXY_USER=
# PROXY_PASSWORD=Then please update the docker engine with what it is specified in the docker.com website.
Hi @ostefano . I have update to docker community release 27.1.2 and problems are the same:
Client: Docker Engine - Community
Version: 27.1.2
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.16.2
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.29.1
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 23
Running: 23
Paused: 0
Stopped: 0
Images: 19
Server Version: 27.1.2Can you try removing all containers and the configs directory before trying again?
ostefano
commented
3 months ago You still need to provide the full logs (what happens before the errors)
clopmz
commented
3 months ago Can you try removing all containers and the
configsdirectory before trying again?
Done ... but nothing ... same errors ..
clopmz
commented
3 months ago You still need to provide the full logs (what happens before the errors)
Fulll docker-compose log full:
db-1 | 2024-08-19 10:00:06+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.11.9+maria~ubu2204 started.
db-1 | 2024-08-19 10:00:06+00:00 [Warn] [Entrypoint]: /sys/fs/cgroup///memory.pressure not writable, functionality unavailable to MariaDB
db-1 | 2024-08-19 10:00:06+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
db-1 | 2024-08-19 10:00:06+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.11.9+maria~ubu2204 started.
db-1 | 2024-08-19 10:00:07+00:00 [Note] [Entrypoint]: MariaDB upgrade not required
db-1 | 2024-08-19 10:00:07 0 [Note] Starting MariaDB 10.11.9-MariaDB-ubu2204 source revision 0e8fb977b00983d98c4c35e39bc1f36463095938 server_uid 6pLEQT+fhpOFxv85sh+gN2qrJZQ= as process 1
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Number of transaction pools: 1
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Using AVX512 instructions
db-1 | 2024-08-19 10:00:07 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Using liburing
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Completed initialization of buffer pool
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: File system buffers for log disabled (block size=512 bytes)
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: End of log at LSN=1276127764
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: 128 rollback segments are active.
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: log sequence number 1276127764; transaction id 744662
db-1 | 2024-08-19 10:00:07 0 [Note] Plugin 'FEEDBACK' is disabled.
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
db-1 | 2024-08-19 10:00:07 0 [Warning] You need to use --log-bin to make --expire-logs-days or --binlog-expire-logs-seconds work.
db-1 | 2024-08-19 10:00:07 0 [Note] Server socket created on IP: '0.0.0.0'.
db-1 | 2024-08-19 10:00:07 0 [Note] Server socket created on IP: '::'.
db-1 | 2024-08-19 10:00:07 0 [Note] mariadbd: ready for connections.
db-1 | Version: '10.11.9-MariaDB-ubu2204' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
db-1 | 2024-08-19 10:00:07 0 [Note] InnoDB: Buffer pool(s) load completed at 240819 10:00:07
misp-modules-1 | 2024-08-19 10:00:11,200 - misp-modules - INFO - Launch MISP modules server from current directory.
misp-modules-1 | 2024-08-19 10:00:11,201 - misp-modules - INFO - Helpers loaded cache.py
misp-modules-1 | 2024-08-19 10:00:11,205 - misp-modules - INFO - MISP modules mattermost imported
misp-modules-1 | 2024-08-19 10:00:11,205 - misp-modules - INFO - MISP modules slack imported
misp-modules-1 | 2024-08-19 10:00:11,205 - misp-modules - INFO - MISP modules testaction imported
misp-modules-1 | 2024-08-19 10:00:11,206 - misp-modules - INFO - MISP modules abuseipdb imported
misp-modules-1 | 2024-08-19 10:00:11,206 - misp-modules - INFO - MISP modules apiosintds imported
misp-modules-1 | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules apivoid imported
misp-modules-1 | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules assemblyline_query imported
misp-modules-1 | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules assemblyline_submit imported
misp-modules-1 | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules backscatter_io imported
misp-modules-1 | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules bgpranking imported
misp-modules-1 | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules btc_scam_check imported
misp-modules-1 | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules btc_steroids imported
misp-modules-1 | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules censys_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules circl_passivedns imported
misp-modules-1 | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules circl_passivessl imported
misp-modules-1 | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules clamav imported
misp-modules-1 | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules cluster25_expand imported
misp-modules-1 | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules countrycode imported
misp-modules-1 | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules cpe imported
misp-modules-1 | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules crowdsec imported
misp-modules-1 | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules crowdstrike_falcon imported
misp-modules-1 | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules cuckoo_submit imported
misp-modules-1 | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules cve imported
misp-modules-1 | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules cve_advanced imported
misp-modules-1 | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules cytomic_orion imported
misp-modules-1 | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules dbl_spamhaus imported
misp-modules-1 | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules dns imported
misp-modules-1 | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules docx_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules domaintools imported
misp-modules-1 | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules eql imported
misp-modules-1 | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules eupi imported
misp-modules-1 | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules extract_url_components imported
misp-modules-1 | 2024-08-19 10:00:11,212 - misp-modules - INFO - MISP modules farsight_passivedns imported
misp-modules-1 | 2024-08-19 10:00:11,212 - misp-modules - INFO - MISP modules geoip_asn imported
misp-modules-1 | 2024-08-19 10:00:11,212 - misp-modules - INFO - MISP modules geoip_city imported
misp-modules-1 | 2024-08-19 10:00:11,213 - misp-modules - INFO - MISP modules geoip_country imported
misp-modules-1 | 2024-08-19 10:00:11,213 - misp-modules - INFO - MISP modules google_safe_browsing imported
misp-modules-1 | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules google_search imported
misp-modules-1 | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules google_threat_intelligence imported
misp-modules-1 | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules greynoise imported
misp-modules-1 | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules hashdd imported
misp-modules-1 | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules hashlookup imported
misp-modules-1 | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules hibp imported
misp-modules-1 | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules html_to_markdown imported
misp-modules-1 | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules hyasinsight imported
misp-modules-1 | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules intel471 imported
misp-modules-1 | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules ip2locationio imported
misp-modules-1 | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules ipasn imported
misp-modules-1 | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules ipinfo imported
misp-modules-1 | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules ipqs_fraud_and_risk_scoring imported
misp-modules-1 | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules iprep imported
misp-modules-1 | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules jinja_template_rendering imported
misp-modules-1 | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules joesandbox_query imported
misp-modules-1 | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules joesandbox_submit imported
redis-1 | 1:C 19 Aug 2024 10:00:06.833 * oO0OoO0OoO0Oo Valkey is starting oO0OoO0OoO0Oo
redis-1 | 1:C 19 Aug 2024 10:00:06.833 * Valkey version=7.2.6, bits=64, commit=00000000, modified=0, pid=1, just started
redis-1 | 1:C 19 Aug 2024 10:00:06.833 # Warning: no config file specified, using the default config. In order to specify a config file use valkey-server /path/to/valkey.conf
redis-1 | 1:M 19 Aug 2024 10:00:06.833 * monotonic clock: POSIX clock_gettime
redis-1 | 1:M 19 Aug 2024 10:00:06.833 * Running mode=standalone, port=6379.
redis-1 | 1:M 19 Aug 2024 10:00:06.834 * Server initialized
redis-1 | 1:M 19 Aug 2024 10:00:06.834 * Ready to accept connections tcp
misp-modules-1 | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules lastline_query imported
misp-modules-1 | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules lastline_submit imported
misp-modules-1 | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules macaddress_io imported
misp-modules-1 | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules macvendors imported
misp-modules-1 | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules malwarebazaar imported
misp-modules-1 | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules mcafee_insights_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules mmdb_lookup imported
misp-modules-1 | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules mwdb imported
misp-modules-1 | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules ocr_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules ods_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules odt_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules onyphe imported
misp-modules-1 | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules onyphe_full imported
misp-modules-1 | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules otx imported
misp-modules-1 | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules passive-ssh imported
misp-modules-1 | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules passivetotal imported
misp-modules-1 | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules pdf_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules pptx_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules qintel_qsentry imported
misp-modules-1 | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules qrcode imported
misp-modules-1 | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules ransomcoindb imported
misp-modules-1 | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules rbl imported
misp-modules-1 | 2024-08-19 10:00:11,221 - misp-modules - INFO - MISP modules recordedfuture imported
misp-modules-1 | 2024-08-19 10:00:11,221 - misp-modules - INFO - MISP modules reversedns imported
misp-modules-1 | 2024-08-19 10:00:11,221 - misp-modules - INFO - MISP modules securitytrails imported
misp-modules-1 | 2024-08-19 10:00:11,221 - misp-modules - INFO - MISP modules shodan imported
misp-modules-1 | 2024-08-19 10:00:11,222 - misp-modules - INFO - MISP modules sigma_queries imported
misp-modules-1 | 2024-08-19 10:00:11,222 - misp-modules - INFO - MISP modules sigma_syntax_validator imported
mail-1 | using non-split configuration scheme from /etc/exim4/exim4.conf.template
mail-1 | 1 LOG: MAIN
mail-1 | 1 exim 4.96 daemon started: pid=1, -q15m, listening for SMTP on port 25 (IPv6 and IPv4)
mail-1 | 283 Exim version 4.96 uid=100 gid=102 pid=283 D=80001
mail-1 | 283 Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013)
mail-1 | 283 Support for: crypteq iconv() IPv6 GnuTLS TLS_resume move_frozen_messages DANE DKIM DNSSEC Event I18N OCSP PIPECONNECT PRDR Queue_Ramp SOCKS SRS TCP_Fast_Open
mail-1 | 283 Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
mail-1 | 283 Authenticators: cram_md5 external plaintext
mail-1 | 283 Routers: accept dnslookup ipliteral manualroute queryprogram redirect
mail-1 | 283 Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
mail-1 | 283 Fixed never_users: 0
mail-1 | 283 Configure owner: 0:0
mail-1 | 283 Size of off_t: 8
misp-modules-1 | 2024-08-19 10:00:11,641 - misp-modules - INFO - MISP modules sigmf-expand imported
misp-modules-1 | 2024-08-19 10:00:11,641 - misp-modules - INFO - MISP modules socialscan imported
misp-modules-1 | 2024-08-19 10:00:11,641 - misp-modules - INFO - MISP modules sophoslabs_intelix imported
misp-modules-1 | 2024-08-19 10:00:11,641 - misp-modules - INFO - MISP modules sourcecache imported
misp-modules-1 | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules stairwell imported
misp-modules-1 | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules stix2_pattern_syntax_validator imported
misp-modules-1 | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules threatcrowd imported
misp-modules-1 | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules threatfox imported
misp-modules-1 | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules threatminer imported
misp-modules-1 | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules trustar_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,643 - misp-modules - INFO - MISP modules urlhaus imported
misp-modules-1 | 2024-08-19 10:00:11,643 - misp-modules - INFO - MISP modules urlscan imported
misp-modules-1 | 2024-08-19 10:00:11,643 - misp-modules - INFO - MISP modules variotdbs imported
misp-modules-1 | 2024-08-19 10:00:11,644 - misp-modules - INFO - MISP modules virustotal imported
misp-modules-1 | 2024-08-19 10:00:11,644 - misp-modules - INFO - MISP modules virustotal_public imported
misp-modules-1 | 2024-08-19 10:00:11,644 - misp-modules - INFO - MISP modules vmray_submit imported
misp-modules-1 | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules vmware_nsx imported
misp-modules-1 | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules vulndb imported
misp-modules-1 | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules vulnerability_lookup imported
misp-modules-1 | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules vulners imported
misp-modules-1 | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules whois imported
misp-modules-1 | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules whoisfreaks imported
misp-modules-1 | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules wiki imported
misp-modules-1 | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules xforceexchange imported
misp-modules-1 | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules xlsx_enrich imported
misp-modules-1 | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules yara_query imported
misp-modules-1 | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules yara_syntax_validator imported
misp-modules-1 | 2024-08-19 10:00:11,653 - misp-modules - INFO - MISP modules yeti imported
misp-modules-1 | 2024-08-19 10:00:11,653 - misp-modules - INFO - MISP modules cef_export imported
misp-modules-1 | 2024-08-19 10:00:11,653 - misp-modules - INFO - MISP modules cisco_firesight_manager_ACL_rule_export imported
misp-modules-1 | 2024-08-19 10:00:11,653 - misp-modules - INFO - MISP modules defender_endpoint_export imported
misp-modules-1 | 2024-08-19 10:00:11,654 - misp-modules - INFO - MISP modules goamlexport imported
misp-modules-1 | 2024-08-19 10:00:11,654 - misp-modules - INFO - MISP modules liteexport imported
misp-modules-1 | 2024-08-19 10:00:11,654 - misp-modules - INFO - MISP modules mass_eql_export imported
misp-modules-1 | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules nexthinkexport imported
misp-modules-1 | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules osqueryexport imported
misp-modules-1 | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules pdfexport imported
misp-modules-1 | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules testexport imported
misp-modules-1 | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules threatStream_misp_export imported
misp-modules-1 | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules threat_connect_export imported
misp-modules-1 | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules virustotal_collections imported
misp-modules-1 | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules vt_graph imported
misp-modules-1 | 2024-08-19 10:00:11,656 - misp-modules - INFO - MISP modules cof2misp imported
misp-modules-1 | 2024-08-19 10:00:11,656 - misp-modules - INFO - MISP modules csvimport imported
mail-1 | 283 LOG: queue_run MAIN
misp-modules-1 | 2024-08-19 10:00:11,656 - misp-modules - INFO - MISP modules cuckooimport imported
mail-1 | 283 Start queue run: pid=283
mail-1 | 283 LOG: queue_run MAIN
mail-1 | 283 End queue run: pid=283
misp-core-1 | 2024-08-19 10:00:09,848 WARN For [program:nginx], redirect_stderr=true but stderr_logfile has also been set to a filename, the filename has been ignored
misp-core-1 | 2024-08-19 10:00:09,848 WARN For [program:php-fpm], redirect_stderr=true but stderr_logfile has also been set to a filename, the filename has been ignored
misp-core-1 | 2024-08-19 10:00:09,848 WARN For [program:cron], redirect_stderr=true but stderr_logfile has also been set to a filename, the filename has been ignored
misp-modules-1 | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules email_import imported
misp-modules-1 | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules goamlimport imported
misp-modules-1 | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules import_blueprint imported
misp-modules-1 | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules joe_import imported
misp-modules-1 | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules lastline_import imported
misp-modules-1 | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules mispjson imported
misp-modules-1 | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules ocr imported
misp-modules-1 | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules openiocimport imported
misp-modules-1 | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules taxii21 imported
misp-modules-1 | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules testimport imported
misp-modules-1 | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules threatanalyzer_import imported
misp-modules-1 | 2024-08-19 10:00:11,661 - misp-modules - INFO - MISP modules url_import imported
misp-modules-1 | 2024-08-19 10:00:11,661 - misp-modules - INFO - MISP modules vmray_import imported
misp-modules-1 | 2024-08-19 10:00:11,661 - misp-modules - INFO - MISP modules vmray_summary_json_import imported
misp-modules-1 | 2024-08-19 10:00:11,663 - misp-modules - INFO - MISP modules server started on 0.0.0.0 port 6666
misp-core-1 | 2024-08-19 10:00:09,848 INFO Included extra file "/etc/supervisor/conf.d/10-supervisor.conf" during parsing
misp-core-1 | 2024-08-19 10:00:09,848 INFO Included extra file "/etc/supervisor/conf.d/50-workers.conf" during parsing
misp-core-1 | 2024-08-19 10:00:09,848 INFO Set uid to user 0 succeeded
misp-core-1 | 2024-08-19 10:00:09,851 INFO RPC interface 'supervisor' initialized
misp-core-1 | 2024-08-19 10:00:09,851 INFO RPC interface 'supervisor' initialized
misp-core-1 | 2024-08-19 10:00:09,851 CRIT Server 'unix_http_server' running without any HTTP authentication checking
misp-core-1 | 2024-08-19 10:00:09,851 INFO supervisord started with pid 7
misp-core-1 | 2024-08-19 10:00:10,853 INFO spawned: 'cron' with pid 8
misp-core-1 | 2024-08-19 10:00:10,854 INFO spawned: 'nginx' with pid 9
misp-core-1 | 2024-08-19 10:00:10,856 INFO spawned: 'php-fpm' with pid 10
misp-core-1 | INIT | Initialize MySQL ...
misp-core-1 | Configure PHP | Change PHP values ...
misp-core-1 | ... database has already been initialized
misp-core-1 | INIT | Initialize NGINX ...
misp-core-1 | ... enabling port 80 redirect
misp-core-1 | Configure PHP | Starting PHP FPM
misp-core-1 | ... disabling IPv6 on port 80
misp-core-1 | ... disabling SSL redirect
misp-core-1 | ... enabling port 443
misp-core-1 | ... disabling IPv6 on port 443
misp-core-1 | ... TLS certificates found
misp-core-1 | ... DH parameters found
misp-core-1 | ... nginx docroot set to /var/www/html/
misp-core-1 | INIT | Initialize MISP files and configurations ...
misp-core-1 | ... initialize configuration files
misp-core-1 | 13+1 records in
misp-core-1 | 13+1 records out
misp-core-1 | 7120 bytes (7.1 kB, 7.0 KiB) copied, 8.7901e-05 s, 81.0 MB/s
misp-core-1 | 4+1 records in
misp-core-1 | 4+1 records out
misp-core-1 | 2541 bytes (2.5 kB, 2.5 KiB) copied, 6.5231e-05 s, 39.0 MB/s
misp-core-1 | 21+1 records in
misp-core-1 | 21+1 records out
misp-core-1 | 10814 bytes (11 kB, 11 KiB) copied, 9.6522e-05 s, 112 MB/s
misp-core-1 | 31+1 records in
misp-core-1 | 31+1 records out
misp-core-1 | 15928 bytes (16 kB, 16 KiB) copied, 0.000120441 s, 132 MB/s
misp-core-1 | 5+1 records in
misp-core-1 | 5+1 records out
misp-core-1 | 3002 bytes (3.0 kB, 2.9 KiB) copied, 6.6531e-05 s, 45.1 MB/s
misp-core-1 | 5+1 records in
misp-core-1 | 5+1 records out
misp-core-1 | 2618 bytes (2.6 kB, 2.6 KiB) copied, 7.0251e-05 s, 37.3 MB/s
misp-core-1 | ... initialize database.php settings
misp-core-1 | ... initialize email.php settings
misp-core-1 | ... initialize app files
misp-core-1 | INIT | Update MISP app/files directory ...
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/browscap" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh "/var/www/MISP/app/files.dist/certs" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/community-metadata" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/empty" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/feed-metadata" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/geo-open" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh "/var/www/MISP/app/files.dist/img" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/misp-decaying-models" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/misp-galaxy" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/misp-objects" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/misp-workflow-blueprints" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/noticelists" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/scripts" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh "/var/www/MISP/app/files.dist/taxonomies" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/terms" "/var/www/MISP/app/files/"
misp-core-1 | ... rsync -azh --delete "/var/www/MISP/app/files.dist/warninglists" "/var/www/MISP/app/files/"
misp-core-1 | INIT | Enforce MISP permissions ...
misp-core-1 | ... chown -R www-data:www-data /var/www/MISP/app/tmp
misp-core-1 | ... chmod -R 0550 files /var/www/MISP/app/tmp
misp-core-1 | ... chmod -R 0770 directories /var/www/MISP/app/tmp
misp-core-1 | ... chmod -R u+w,g+w /var/www/MISP/app/tmp
misp-core-1 | ... chown -R www-data:www-data /var/www/MISP/app/files
misp-core-1 | ... chmod -R 0550 files /var/www/MISP/app/files
misp-core-1 | ... chmod -R 0770 directories /var/www/MISP/app/files
misp-core-1 | ... chmod -R u+w,g+w /var/www/MISP/app/files
misp-core-1 | ... chown -R www-data:www-data /var/www/MISP/app/Config
misp-core-1 | ... chmod -R 0550 files /var/www/MISP/app/Config ...
misp-core-1 | ... chmod -R 0770 directories /var/www/MISP/app/Config
misp-core-1 | ... chmod 600 /var/www/MISP/app/Config/{config,database,email}.php
misp-core-1 | INIT | Flip NGINX live ...
misp-core-1 | ... nginx docroot set to /var/www/MISP/app/webroot
misp-core-1 | ... nginx reloaded
misp-core-1 | 2024/08/19 10:00:11 [notice] 149#149: signal process started
misp-core-1 | 2024-08-19 10:00:11,856 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:11,856 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:11,856 INFO success: php-fpm entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | INIT | Configure MISP installation ...
misp-core-1 | MISP | Update CA certificates ...
misp-core-1 | Updating certificates in /etc/ssl/certs...
misp-core-1 | 0 added, 0 removed; done.
misp-core-1 | Running hooks in /etc/ca-certificates/update.d...
misp-core-1 | done.
misp-core-1 | Updating /var/www/MISP/app/Lib/cakephp/lib/Cake/Config/cacert.pem...
misp-core-1 | MISP | Apply minimum configuration directives ...
misp-core-1 | ... enforcing env var settings
misp-core-1 | Enforcing minimum_config setting 'GnuPG.binary' to env var or default value '/usr/bin/gpg'...
misp-core-1 | Enforcing minimum_config setting 'MISP.python_bin' to env var or default value '/usr/local/bin/python3'...
misp-core-1 | Enforcing minimum_config setting 'MISP.redis_host' to env var or default value 'redis'...
misp-core-1 | Enforcing minimum_config setting 'MISP.redis_password' to env var or default value 'redispassword'...
misp-core-1 | Enforcing minimum_config setting 'SimpleBackgroundJobs.redis_host' to env var or default value 'redis'...
misp-core-1 | Enforcing minimum_config setting 'SimpleBackgroundJobs.redis_password' to env var or default value 'redispassword'...
misp-core-1 | ... checking for unset default settings
misp-core-1 | Updating unset minimum_config setting 'MISP.attachments_dir' to '/var/www/MISP/app/files'...
misp-core-1 | Updating unset minimum_config setting 'MISP.background_jobs' to 'true'...
misp-core-1 | Updating unset minimum_config setting 'MISP.ca_path' to '/etc/ssl/certs/ca-certificates.crt'...
misp-core-1 | Updating unset minimum_config setting 'MISP.download_gpg_from_homedir' to 'false'...
misp-core-1 | Updating unset minimum_config setting 'MISP.menu_custom_right_link' to ''...
misp-core-1 | Updating unset minimum_config setting 'MISP.menu_custom_right_link_html' to ''...
misp-core-1 | Updating unset minimum_config setting 'MISP.online_version_check' to 'true'...
misp-core-1 | Updating unset minimum_config setting 'MISP.osuser' to 'www-data'...
misp-core-1 | Updating unset minimum_config setting 'MISP.redis_database' to '13'...
misp-core-1 | Updating unset minimum_config setting 'MISP.redis_port' to '6379'...
misp-core-1 | Updating unset minimum_config setting 'MISP.self_update' to 'false'...
misp-core-1 | Updating unset minimum_config setting 'MISP.tmpdir' to '/var/www/MISP/app/tmp'...
misp-core-1 | Updating unset minimum_config setting 'Security.disable_instance_file_uploads' to 'false'...
misp-core-1 | Updating unset minimum_config setting 'Security.disable_local_feed_access' to 'false'...
misp-core-1 | Updating unset minimum_config setting 'Security.rest_client_enable_arbitrary_urls' to 'false'...
misp-core-1 | Updating unset minimum_config setting 'Security.salt' to ''...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.enabled' to 'true'...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.max_job_history_ttl' to '86400'...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.redis_database' to '1'...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.redis_namespace' to 'background_jobs'...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.redis_port' to '6379'...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.supervisor_host' to '127.0.0.1'...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.supervisor_password' to 'supervisor'...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.supervisor_port' to '9001'...
misp-core-1 | Updating unset minimum_config setting 'SimpleBackgroundJobs.supervisor_user' to 'supervisor'...
misp-core-1 | MISP | Apply DB updates ...
misp-core-1 | Executing all updates to bring the database up to date with the current version.
misp-core-1 | All updates completed.
misp-core-1 | MISP | Initialize configuration ...
misp-core-1 | ... enforcing env var settings
misp-core-1 | Enforcing db_enable setting 'MISP.system_setting_db' to env var or default value 'true'...
misp-core-1 | ... enforcing env var settings
misp-core-1 | Enforcing initialisation setting 'MISP.baseurl' to env var or default value 'https://debsbrdcti01.hzt-fi.prod.esbard.lan'...
misp-core-1 | Enforcing initialisation setting 'MISP.contact' to env var or default value 'admin.cti@esbard.com'...
misp-core-1 | Enforcing initialisation setting 'MISP.email' to env var or default value 'admin.cti@esbard.com'...
misp-core-1 | Enforcing initialisation setting 'Plugin.Action_services_url' to env var or default value 'http://misp-modules'...
misp-modules-1 | 2024-08-19 10:00:19,173 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 1.55ms
misp-modules-1 | 2024-08-19 10:00:19,202 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.86ms
misp-modules-1 | 2024-08-19 10:00:19,207 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.70ms
misp-modules-1 | 2024-08-19 10:00:19,217 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.87ms
misp-core-1 | Error: Return value of Workflow::getEnabledModules() must be of the type array, bool returned
misp-core-1 | #0 /var/www/MISP/app/Model/Workflow.php(912): Workflow->getEnabledModules()
misp-core-1 | #1 /var/www/MISP/app/Model/Workflow.php(899): Workflow->__mergeGlobalConfigIntoLoadedModules()
misp-core-1 | #2 /var/www/MISP/app/Model/Workflow.php(1111): Workflow->loadAllWorkflowModules()
misp-core-1 | #3 /var/www/MISP/app/Model/Server.php(1562): Workflow->getModulesByType()
misp-core-1 | #4 /var/www/MISP/app/Model/Server.php(1511): Server->readModuleSettings()
misp-core-1 | #5 /var/www/MISP/app/Model/Server.php(2425): Server->getCurrentServerSettings()
misp-core-1 | #6 /var/www/MISP/app/Console/Command/AdminShell.php(533): Server->getSettingData()
misp-core-1 | #7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(459): AdminShell->setSetting()
misp-core-1 | #8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
misp-core-1 | #9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
misp-core-1 | #10 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
misp-core-1 | #11 {main}
misp-core-1 | Enforcing initialisation setting 'Plugin.Enrichment_services_url' to env var or default value 'http://misp-modules'...
misp-modules-1 | 2024-08-19 10:00:19,350 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 1.23ms
misp-modules-1 | 2024-08-19 10:00:19,367 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.77ms
misp-modules-1 | 2024-08-19 10:00:19,371 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.73ms
misp-modules-1 | 2024-08-19 10:00:19,378 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.81ms
misp-core-1 | Error: Return value of Workflow::getEnabledModules() must be of the type array, bool returned
misp-core-1 | #0 /var/www/MISP/app/Model/Workflow.php(912): Workflow->getEnabledModules()
misp-core-1 | #1 /var/www/MISP/app/Model/Workflow.php(899): Workflow->__mergeGlobalConfigIntoLoadedModules()
misp-core-1 | #2 /var/www/MISP/app/Model/Workflow.php(1111): Workflow->loadAllWorkflowModules()
misp-core-1 | #3 /var/www/MISP/app/Model/Server.php(1562): Workflow->getModulesByType()
misp-core-1 | #4 /var/www/MISP/app/Model/Server.php(1511): Server->readModuleSettings()
misp-core-1 | #5 /var/www/MISP/app/Model/Server.php(2425): Server->getCurrentServerSettings()
misp-core-1 | #6 /var/www/MISP/app/Console/Command/AdminShell.php(533): Server->getSettingData()
misp-core-1 | #7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(459): AdminShell->setSetting()
misp-core-1 | #8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
misp-core-1 | #9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
misp-core-1 | #10 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
misp-core-1 | #11 {main}
misp-core-1 | Enforcing initialisation setting 'Plugin.Export_services_url' to env var or default value 'http://misp-modules'...
misp-modules-1 | 2024-08-19 10:00:19,511 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 1.24ms
misp-modules-1 | 2024-08-19 10:00:19,528 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.75ms
misp-modules-1 | 2024-08-19 10:00:19,531 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.70ms
misp-modules-1 | 2024-08-19 10:00:19,539 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.82ms
misp-core-1 | Error: Return value of Workflow::getEnabledModules() must be of the type array, bool returned
misp-core-1 | #0 /var/www/MISP/app/Model/Workflow.php(912): Workflow->getEnabledModules()
misp-core-1 | #1 /var/www/MISP/app/Model/Workflow.php(899): Workflow->__mergeGlobalConfigIntoLoadedModules()
misp-core-1 | #2 /var/www/MISP/app/Model/Workflow.php(1111): Workflow->loadAllWorkflowModules()
misp-core-1 | #3 /var/www/MISP/app/Model/Server.php(1562): Workflow->getModulesByType()
misp-core-1 | #4 /var/www/MISP/app/Model/Server.php(1511): Server->readModuleSettings()
misp-core-1 | #5 /var/www/MISP/app/Model/Server.php(2425): Server->getCurrentServerSettings()
misp-core-1 | #6 /var/www/MISP/app/Console/Command/AdminShell.php(533): Server->getSettingData()
misp-core-1 | #7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(459): AdminShell->setSetting()
misp-core-1 | #8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
misp-core-1 | #9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
misp-core-1 | #10 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
misp-core-1 | #11 {main}
misp-core-1 | Enforcing initialisation setting 'Plugin.Import_services_url' to env var or default value 'http://misp-modules'...
misp-modules-1 | 2024-08-19 10:00:19,670 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 1.23ms
misp-modules-1 | 2024-08-19 10:00:19,687 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.83ms
misp-modules-1 | 2024-08-19 10:00:19,691 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.73ms
misp-modules-1 | 2024-08-19 10:00:19,698 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.76ms
misp-core-1 | Error: Return value of Workflow::getEnabledModules() must be of the type array, bool returned
misp-core-1 | #0 /var/www/MISP/app/Model/Workflow.php(912): Workflow->getEnabledModules()
misp-core-1 | #1 /var/www/MISP/app/Model/Workflow.php(899): Workflow->__mergeGlobalConfigIntoLoadedModules()
misp-core-1 | #2 /var/www/MISP/app/Model/Workflow.php(1111): Workflow->loadAllWorkflowModules()
misp-core-1 | #3 /var/www/MISP/app/Model/Server.php(1562): Workflow->getModulesByType()
misp-core-1 | #4 /var/www/MISP/app/Model/Server.php(1511): Server->readModuleSettings()
misp-core-1 | #5 /var/www/MISP/app/Model/Server.php(2425): Server->getCurrentServerSettings()
misp-core-1 | #6 /var/www/MISP/app/Console/Command/AdminShell.php(533): Server->getSettingData()
misp-core-1 | #7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(459): AdminShell->setSetting()
misp-core-1 | #8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
misp-core-1 | #9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
misp-core-1 | #10 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
misp-core-1 | #11 {main}
misp-core-1 | Enforcing initialisation setting 'Plugin.ZeroMQ_redis_host' to env var or default value 'redis'...
misp-core-1 | Enforcing initialisation setting 'Plugin.ZeroMQ_redis_password' to env var or default value 'redispassword'...
misp-core-1 | Enforcing initialisation setting 'Security.encryption_key' to env var or default value ''...
misp-core-1 | Enforcing initialisation setting 'debug' to env var or default value '0'...
misp-core-1 | ... checking for unset default settings
misp-core-1 | MISP | Initialize workers ...
misp-core-1 | ... starting background workers
misp-core-1 | 2024-08-19 10:00:24,584 INFO spawned: 'default_00' with pid 2313
misp-core-1 | 2024-08-19 10:00:24,585 INFO spawned: 'default_01' with pid 2314
misp-core-1 | 2024-08-19 10:00:24,587 INFO spawned: 'default_02' with pid 2315
misp-core-1 | 2024-08-19 10:00:24,588 INFO spawned: 'default_03' with pid 2316
misp-core-1 | 2024-08-19 10:00:24,589 INFO spawned: 'default_04' with pid 2317
misp-core-1 | 2024-08-19 10:00:24,591 INFO spawned: 'email_00' with pid 2320
misp-core-1 | 2024-08-19 10:00:24,592 INFO spawned: 'email_01' with pid 2326
misp-core-1 | 2024-08-19 10:00:24,594 INFO spawned: 'email_02' with pid 2330
misp-core-1 | 2024-08-19 10:00:24,595 INFO spawned: 'email_03' with pid 2336
misp-core-1 | 2024-08-19 10:00:24,596 INFO spawned: 'email_04' with pid 2346
misp-core-1 | 2024-08-19 10:00:24,598 INFO spawned: 'cache_00' with pid 2351
misp-core-1 | 2024-08-19 10:00:24,599 INFO spawned: 'cache_01' with pid 2362
misp-core-1 | 2024-08-19 10:00:24,601 INFO spawned: 'cache_02' with pid 2367
misp-core-1 | 2024-08-19 10:00:24,602 INFO spawned: 'cache_03' with pid 2371
misp-core-1 | 2024-08-19 10:00:24,603 INFO spawned: 'cache_04' with pid 2374
misp-core-1 | 2024-08-19 10:00:24,605 INFO spawned: 'prio_00' with pid 2379
misp-core-1 | 2024-08-19 10:00:24,611 INFO spawned: 'prio_01' with pid 2390
misp-core-1 | 2024-08-19 10:00:24,612 INFO spawned: 'prio_02' with pid 2391
misp-core-1 | 2024-08-19 10:00:24,614 INFO spawned: 'prio_03' with pid 2392
misp-core-1 | 2024-08-19 10:00:24,615 INFO spawned: 'prio_04' with pid 2395
misp-core-1 | 2024-08-19 10:00:24,616 INFO spawned: 'update_00' with pid 2398
misp-core-1 | 2024-08-19 10:00:24,699 WARN exited: email_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,705 WARN exited: default_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,706 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,718 WARN exited: default_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,731 WARN exited: default_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,747 WARN exited: default_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,747 WARN exited: email_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,753 WARN exited: email_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,761 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,767 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,777 WARN exited: default_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,777 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,789 WARN exited: email_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,789 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,794 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,802 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,807 WARN exited: email_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,832 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,832 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:24,832 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:25,835 INFO spawned: 'default_00' with pid 2481
misp-core-1 | 2024-08-19 10:00:25,837 INFO spawned: 'default_01' with pid 2482
misp-core-1 | 2024-08-19 10:00:25,838 INFO spawned: 'default_02' with pid 2483
misp-core-1 | 2024-08-19 10:00:25,839 INFO spawned: 'default_03' with pid 2484
misp-core-1 | 2024-08-19 10:00:25,840 INFO spawned: 'default_04' with pid 2485
misp-core-1 | 2024-08-19 10:00:25,842 INFO spawned: 'email_00' with pid 2487
misp-core-1 | 2024-08-19 10:00:25,843 INFO spawned: 'email_01' with pid 2491
misp-core-1 | 2024-08-19 10:00:25,844 INFO spawned: 'email_02' with pid 2494
misp-core-1 | 2024-08-19 10:00:25,845 INFO spawned: 'email_03' with pid 2499
misp-core-1 | 2024-08-19 10:00:25,846 INFO spawned: 'email_04' with pid 2505
misp-core-1 | 2024-08-19 10:00:25,847 INFO spawned: 'cache_00' with pid 2512
misp-core-1 | 2024-08-19 10:00:25,848 INFO spawned: 'cache_01' with pid 2519
misp-core-1 | 2024-08-19 10:00:25,849 INFO spawned: 'cache_02' with pid 2524
misp-core-1 | 2024-08-19 10:00:25,850 INFO spawned: 'cache_03' with pid 2529
misp-core-1 | 2024-08-19 10:00:25,852 INFO spawned: 'cache_04' with pid 2532
misp-core-1 | 2024-08-19 10:00:25,853 INFO spawned: 'prio_00' with pid 2536
misp-core-1 | 2024-08-19 10:00:25,854 INFO spawned: 'prio_01' with pid 2540
misp-core-1 | 2024-08-19 10:00:25,855 INFO spawned: 'prio_02' with pid 2546
misp-core-1 | 2024-08-19 10:00:25,856 INFO spawned: 'prio_03' with pid 2548
misp-core-1 | 2024-08-19 10:00:25,857 INFO spawned: 'prio_04' with pid 2550
misp-core-1 | 2024-08-19 10:00:25,857 INFO success: update_00 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:25,857 WARN exited: update_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:25,879 INFO spawned: 'update_00' with pid 2596
misp-core-1 | 2024-08-19 10:00:25,930 WARN exited: default_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:25,930 WARN exited: default_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:25,950 WARN exited: default_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:25,970 WARN exited: email_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:25,996 WARN exited: default_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:25,996 WARN exited: email_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,001 WARN exited: email_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,020 WARN exited: default_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,020 WARN exited: email_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,020 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,020 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,031 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,031 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,043 WARN exited: email_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,043 WARN exited: update_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,049 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,055 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,072 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:26,072 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:27,076 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:27,076 INFO success: prio_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:27,077 INFO spawned: 'update_00' with pid 2656
misp-core-1 | 2024-08-19 10:00:27,077 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:27,077 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:27,079 INFO spawned: 'cache_01' with pid 2657
misp-core-1 | 2024-08-19 10:00:27,080 INFO spawned: 'prio_02' with pid 2658
misp-core-1 | misp-workers:default_00: ERROR (spawn error)
misp-core-1 | misp-workers:default_01: ERROR (spawn error)
misp-core-1 | misp-workers:default_02: ERROR (spawn error)
misp-core-1 | misp-workers:default_03: ERROR (spawn error)
misp-core-1 | misp-workers:email_00: ERROR (spawn error)
misp-core-1 | misp-workers:email_02: ERROR (spawn error)
misp-core-1 | misp-workers:cache_03: ERROR (spawn error)
misp-core-1 | misp-workers:default_04: ERROR (spawn error)
misp-core-1 | misp-workers:email_01: ERROR (spawn error)
misp-core-1 | misp-workers:email_03: ERROR (spawn error)
misp-core-1 | misp-workers:cache_00: ERROR (spawn error)
misp-core-1 | misp-workers:cache_02: ERROR (spawn error)
misp-core-1 | misp-workers:cache_04: ERROR (spawn error)
misp-core-1 | misp-workers:prio_00: ERROR (spawn error)
misp-core-1 | misp-workers:prio_01: ERROR (spawn error)
misp-core-1 | misp-workers:prio_02: ERROR (spawn error)
misp-core-1 | misp-workers:update_00: ERROR (spawn error)
misp-core-1 | misp-workers:prio_03: ERROR (spawn error)
misp-core-1 | misp-workers:prio_04: ERROR (spawn error)
misp-core-1 | misp-workers:email_04: ERROR (spawn error)
misp-core-1 | misp-workers:cache_01: ERROR (spawn error)
misp-core-1 | MISP | Configure GPG key ...
misp-core-1 | ... found pre-generated GPG key in /var/www/MISP/.gnupg
misp-core-1 | ... exporting GPG key
misp-core-1 | ... enforcing env var settings
misp-core-1 | 2024-08-19 10:00:27,158 WARN exited: update_00 (exit status 1; not expected)
misp-core-1 | Enforcing gpg setting 'GnuPG.email' to env var or default value 'admin.cti@esbard.com'...
misp-core-1 | 2024-08-19 10:00:27,168 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:27,168 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1 | Enforcing gpg setting 'GnuPG.homedir' to env var or default value '/var/www/MISP/.gnupg'...
misp-core-1 | Enforcing gpg setting 'GnuPG.password' to env var or default value '4f763415fbfc568f8bfa06399f0ef0db0a0f234d286d1bb1db1a359618d8ca39'...
misp-core-1 | ... checking for unset default settings
misp-core-1 | MISP | Init default user and organization ...
misp-core-1 | ERROR 1142 (42000) at line 1: UPDATE command denied to user 'cti'@'10.201.3.5' for table `misp`.`users`
misp-core-1 | ERROR 1142 (42000) at line 1: UPDATE command denied to user 'cti'@'10.201.3.5' for table `misp`.`organisations`
misp-core-1 | ... admin user key auto generation disabled
misp-core-1 | ... setting admin password skipped
misp-core-1 | ERROR 1142 (42000) at line 1: UPDATE command denied to user 'cti'@'10.201.3.5' for table `misp`.`users`
misp-core-1 | MISP | Resolve critical issues ...
misp-core-1 | ... enforcing env var settings
misp-core-1 | Enforcing critical setting 'MISP.external_baseurl' to env var or default value 'https://debsbrdcti01.hzt-fi.prod.esbard.lan'...
misp-core-1 | Enforcing critical setting 'Security.rest_client_baseurl' to env var or default value 'https://debsbrdcti01.hzt-fi.prod.esbard.lan'...
misp-core-1 | 2024-08-19 10:00:28,051 INFO spawned: 'default_00' with pid 2804
misp-core-1 | 2024-08-19 10:00:28,052 INFO spawned: 'default_01' with pid 2805
misp-core-1 | 2024-08-19 10:00:28,053 INFO spawned: 'default_02' with pid 2806
misp-core-1 | 2024-08-19 10:00:28,055 INFO spawned: 'default_03' with pid 2808
misp-core-1 | 2024-08-19 10:00:28,056 INFO spawned: 'default_04' with pid 2809
misp-core-1 | 2024-08-19 10:00:28,057 INFO spawned: 'email_00' with pid 2811
misp-core-1 | 2024-08-19 10:00:28,058 INFO spawned: 'email_01' with pid 2817
misp-core-1 | 2024-08-19 10:00:28,059 INFO spawned: 'email_02' with pid 2822
misp-core-1 | 2024-08-19 10:00:28,060 INFO spawned: 'email_03' with pid 2828
misp-core-1 | 2024-08-19 10:00:28,062 INFO spawned: 'email_04' with pid 2833
misp-core-1 | 2024-08-19 10:00:28,063 INFO spawned: 'cache_00' with pid 2843
misp-core-1 | 2024-08-19 10:00:28,064 INFO spawned: 'cache_02' with pid 2850
misp-core-1 | 2024-08-19 10:00:28,065 INFO spawned: 'cache_03' with pid 2854
misp-core-1 | 2024-08-19 10:00:28,066 INFO spawned: 'cache_04' with pid 2858
misp-core-1 | 2024-08-19 10:00:28,067 INFO spawned: 'prio_03' with pid 2862
misp-core-1 | 2024-08-19 10:00:28,069 INFO spawned: 'prio_04' with pid 2863
misp-core-1 | 2024-08-19 10:00:28,130 INFO spawned: 'prio_00' with pid 2929
misp-core-1 | 2024-08-19 10:00:28,131 INFO spawned: 'prio_01' with pid 2930
misp-core-1 | 2024-08-19 10:00:28,141 WARN exited: default_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,162 WARN exited: default_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,187 INFO spawned: 'cache_01' with pid 2946
misp-core-1 | 2024-08-19 10:00:28,189 INFO spawned: 'prio_02' with pid 2948
misp-core-1 | 2024-08-19 10:00:28,189 WARN exited: default_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,189 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,205 WARN exited: default_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,205 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,211 WARN exited: email_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,211 WARN exited: email_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,222 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,223 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1 | ... checking for unset default settings
misp-core-1 | 2024-08-19 10:00:28,229 WARN exited: default_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,229 WARN exited: email_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,233 WARN exited: email_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,241 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,276 WARN exited: email_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,294 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,294 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,299 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1 | Updating unset critical setting 'Security.auth' to 'Array()'...
misp-core-1 | 2024-08-19 10:00:28,904 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:28,905 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | MISP | Resolve non-critical issues ...
misp-core-1 | ... checking for unset default settings
misp-core-1 | Updating unset optional setting 'MISP.welcome_text_bottom' to ''...
misp-core-1 | 2024-08-19 10:00:29,357 INFO spawned: 'update_00' with pid 3134
misp-core-1 | Updating unset optional setting 'MISP.welcome_text_top' to ''...
misp-core-1 | 2024-08-19 10:00:29,560 WARN exited: update_00 (exit status 1; not expected)
misp-core-1 | MISP | Create sync servers ...
misp-core-1 | ... admin key auto configuration is required to configure sync servers
misp-core-1 | MISP | Update components ...
misp-core-1 | Galaxies updated
misp-core-1 | All taxonomies are up to date already.
misp-core-1 | 2024-08-19 10:00:30,319 INFO spawned: 'prio_02' with pid 3219
misp-core-1 | 0 warninglists updated, 0 fails
misp-core-1 | 2024-08-19 10:00:30,528 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1 | Notice lists updated
misp-core-1 | All object templates are up to date already.
misp-core-1 | MISP | Set Up OIDC ...
misp-core-1 | ... OIDC authentication disabled
misp-core-1 | MISP | Set Up LDAP ...
misp-core-1 | ... LDAP authentication disabled
misp-core-1 | MISP | Set Up AAD ...
misp-core-1 | ... Entra (AzureAD) authentication disabled
misp-core-1 | MISP | Set Up Proxy ...
misp-core-1 | ... Proxy disabled
misp-core-1 | MISP | Mark instance live
misp-core-1 | Redis is not reachable.
misp-core-1 | Set live status in PHP config file.
misp-core-1 | MISP is now live. Users can now log in.
misp-core-1 | 2024-08-19 10:00:31,904 INFO spawned: 'default_00' with pid 3270
misp-core-1 | 2024-08-19 10:00:31,905 INFO spawned: 'default_01' with pid 3271
misp-core-1 | 2024-08-19 10:00:31,906 INFO spawned: 'default_02' with pid 3272
misp-core-1 | 2024-08-19 10:00:31,907 INFO spawned: 'default_03' with pid 3273
misp-core-1 | 2024-08-19 10:00:31,909 INFO spawned: 'default_04' with pid 3274
misp-core-1 | 2024-08-19 10:00:31,910 INFO spawned: 'email_00' with pid 3277
misp-core-1 | 2024-08-19 10:00:31,911 INFO spawned: 'email_01' with pid 3280
misp-core-1 | 2024-08-19 10:00:31,913 INFO spawned: 'email_02' with pid 3286
misp-core-1 | 2024-08-19 10:00:31,914 INFO spawned: 'email_03' with pid 3291
misp-core-1 | 2024-08-19 10:00:31,915 INFO spawned: 'email_04' with pid 3301
misp-core-1 | 2024-08-19 10:00:31,916 INFO spawned: 'cache_00' with pid 3309
misp-core-1 | 2024-08-19 10:00:31,917 INFO spawned: 'cache_01' with pid 3315
misp-core-1 | 2024-08-19 10:00:31,919 INFO spawned: 'cache_02' with pid 3318
misp-core-1 | 2024-08-19 10:00:31,920 INFO spawned: 'cache_03' with pid 3323
misp-core-1 | 2024-08-19 10:00:31,921 INFO spawned: 'cache_04' with pid 3325
misp-core-1 | 2024-08-19 10:00:31,924 INFO spawned: 'prio_00' with pid 3328
misp-core-1 | 2024-08-19 10:00:31,926 INFO spawned: 'prio_01' with pid 3329
misp-core-1 | 2024-08-19 10:00:31,927 INFO spawned: 'prio_03' with pid 3333
misp-core-1 | 2024-08-19 10:00:31,928 INFO spawned: 'prio_04' with pid 3335
misp-core-1 | 2024-08-19 10:00:31,995 WARN exited: default_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:31,995 WARN exited: default_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:31,995 WARN exited: default_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:31,995 INFO gave up: default_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:31,995 INFO gave up: default_01 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:31,995 INFO gave up: default_02 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,016 WARN exited: default_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,016 WARN exited: default_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,016 INFO gave up: default_03 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,016 INFO gave up: default_04 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,042 WARN exited: email_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,042 INFO gave up: email_03 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,047 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,047 INFO gave up: prio_04 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,053 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,053 INFO gave up: prio_03 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,075 WARN exited: email_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,076 INFO gave up: email_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,086 WARN exited: email_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,086 WARN exited: email_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,086 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,086 INFO gave up: email_02 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,086 INFO gave up: email_04 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,086 INFO gave up: prio_01 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,100 WARN exited: email_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,100 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,100 INFO gave up: email_01 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,100 INFO gave up: cache_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,109 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,109 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:32,109 INFO gave up: cache_03 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:32,109 INFO gave up: prio_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:33,115 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:33,115 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:33,115 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:33,117 INFO spawned: 'update_00' with pid 3429
misp-core-1 | 2024-08-19 10:00:33,117 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:33,117 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:33,117 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:33,189 INFO spawned: 'cache_01' with pid 3437
misp-core-1 | 2024-08-19 10:00:33,191 INFO spawned: 'cache_02' with pid 3438
misp-core-1 | 2024-08-19 10:00:33,192 INFO spawned: 'cache_04' with pid 3439
misp-core-1 | 2024-08-19 10:00:33,264 WARN exited: update_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:33,264 INFO gave up: update_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:34,268 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:34,268 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:34,268 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:34,270 INFO spawned: 'prio_02' with pid 3461
misp-core-1 | 2024-08-19 10:00:34,270 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:34,270 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:34,270 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:34,343 INFO spawned: 'cache_01' with pid 3469
misp-core-1 | 2024-08-19 10:00:34,344 INFO spawned: 'cache_02' with pid 3470
misp-core-1 | 2024-08-19 10:00:34,345 INFO spawned: 'cache_04' with pid 3471
misp-core-1 | 2024-08-19 10:00:34,346 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:34,416 INFO gave up: prio_02 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 10:00:35,419 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:35,419 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:35,419 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:35,420 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:35,420 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:35,420 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:36,422 INFO spawned: 'cache_01' with pid 3500
misp-core-1 | 2024-08-19 10:00:36,423 INFO spawned: 'cache_02' with pid 3501
misp-core-1 | 2024-08-19 10:00:36,424 INFO spawned: 'cache_04' with pid 3502
misp-core-1 | 2024-08-19 10:00:37,499 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:37,499 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:37,499 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:37,499 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:37,499 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:37,499 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:38,501 INFO spawned: 'cache_01' with pid 3531
misp-core-1 | 2024-08-19 10:00:38,503 INFO spawned: 'cache_02' with pid 3532
misp-core-1 | 2024-08-19 10:00:38,504 INFO spawned: 'cache_04' with pid 3533
misp-core-1 | 2024-08-19 10:00:39,578 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:39,578 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:39,578 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:39,578 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:39,578 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:39,578 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:40,581 INFO spawned: 'cache_01' with pid 3562
misp-core-1 | 2024-08-19 10:00:40,582 INFO spawned: 'cache_02' with pid 3563
misp-core-1 | 2024-08-19 10:00:40,583 INFO spawned: 'cache_04' with pid 3564
misp-core-1 | 2024-08-19 10:00:41,658 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:41,658 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:41,658 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:41,658 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:41,658 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:41,658 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:42,661 INFO spawned: 'cache_01' with pid 3593
misp-core-1 | 2024-08-19 10:00:42,662 INFO spawned: 'cache_02' with pid 3594
misp-core-1 | 2024-08-19 10:00:42,663 INFO spawned: 'cache_04' with pid 3595
misp-core-1 | 2024-08-19 10:00:43,738 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:43,738 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:43,738 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:43,738 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:43,738 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:43,738 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:44,740 INFO spawned: 'cache_01' with pid 3624
misp-core-1 | 2024-08-19 10:00:44,742 INFO spawned: 'cache_02' with pid 3625
misp-core-1 | 2024-08-19 10:00:44,743 INFO spawned: 'cache_04' with pid 3626
misp-core-1 | 2024-08-19 10:00:45,817 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:45,817 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:45,817 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:45,817 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:45,817 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:45,817 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:46,820 INFO spawned: 'cache_01' with pid 3655
misp-core-1 | 2024-08-19 10:00:46,821 INFO spawned: 'cache_02' with pid 3656
misp-core-1 | 2024-08-19 10:00:46,822 INFO spawned: 'cache_04' with pid 3657
misp-core-1 | 2024-08-19 10:00:47,896 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:47,896 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:47,896 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:47,896 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:47,896 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:47,896 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:48,898 INFO spawned: 'cache_01' with pid 3686
misp-core-1 | 2024-08-19 10:00:48,900 INFO spawned: 'cache_02' with pid 3687
misp-core-1 | 2024-08-19 10:00:48,901 INFO spawned: 'cache_04' with pid 3688
misp-core-1 | 2024-08-19 10:00:49,975 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:49,975 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:49,975 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 10:00:49,975 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:49,975 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 10:00:49,975 WARN exited: cache_04 (exit status 1; not expected)Attached worker logs. worker-logs.tar.gz
joe-speedboat
commented
3 months ago Hi, I observed same errors. Fresh install with podman and rocky9: git clone, podman-compose pull, podman-compose up -> misp-core-1 | xxx WARN exited: xx_yy (exit status 1; not expected) v2.4.194 and earlier was working as expected. I even started v2.4.195 images (pull, not compile) with config from v2.4.194 and v2.4.193, they start as expected. It must be something, that cam in with docker-compose.yml or .env ... but didnt dig in.
ostefano
commented
3 months ago @joe-speedboat are you using system_db_settings? Can you try to build and run branch "redis"?
joe-speedboat
commented
3 months ago @joe-speedboat are you using system_db_settings? Can you try to build and run branch "redis"? Sorry I am not compiling, this is not our focus and I am short of time. but here are my latest setup notes and observations, I can confirm it is working again with latest docker images ( tag:3fbf7bf ). This are my exact setup notes, on top of a fresh deployment of recent rocky9 minimal setup. I hope this helps, thanks
sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
grep ^SELINUX= /etc/selinux/config
SELINUX=permissive
setenforce 0dnf -y install firewalld
systemctl is-enabled firewalld
systemctl restart firewalld
firewall-cmd --add-service https --permanent
systemctl restart firewallddnf -y install epel-release
dnf -y install podman-compose podman skopeo
sed -i.bak 's/^unqualified-search-registries .*/unqualified-search-registries = [\"docker.io\"]/' /etc/containers/registries.conf
systemctl enable podman
systemctl restart podman# create custom config
echo '# custom podman default networking
[network]
default_network = "podman"
default_subnet = "192.168.223.0/24"
default_subnet_pools = [{"base" = "192.168.224.0/20", "size" = 24}]
' >> /etc/containers/containers.conf
restorecon -FRv /etc/containers/containers.conf
systemctl restart podman
systemctl status podman
mkdir /srv/compose-test
echo '
version: '3.8'
services:
busybox:
image: busybox
command: sleep 3600
' > /srv/compose-test/docker-compose.yml
cd /srv/compose-test
podman-compose up
podman network ls
podman network inspect podman
podman network inspect compose-test_defaultpodman network rm misp-containers_default
podman network ls
podman network rm podman
podman system prune --volumes
podman rmi --all
rm /etc/systemd/system/docker-misp.service
rm -rf /srv/misp* /srv/git*
sed -i.bak 's/^unqualified-search-registries .*/unqualified-search-registries = [\"docker.io\"]/' /etc/containers/registries.conf
cd /srv
genpasswd() {
local l=$1
[ "$l" == "" ] && l=20
tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs
}
mkdir /srv/git /srv/misp-containers /srv/misp-volumes
cd /srv/git
git clone https://github.com/MISP/misp-docker.git
cd /srv/git/misp-docker
cp -av docker-compose.yml /srv/misp-containers
cp -av template.env /srv/misp-containers/.env
cd /srv/misp-containers
# adjust tag-version in .env file if needed
grep _TAG= .env
CORE_TAG=v2.4.195
MODULES_TAG=v2.4.195
# replace latest with tags, due we dont want to complile and bind specific docker pull version
sed -i 's/misp-core:latest/misp-core:${CORE_TAG}/' docker-compose.yml
sed -i 's/misp-modules:latest/misp-modules:${MODULES_TAG}/' docker-compose.yml
# Corporate specific config
DISABLE_IPV6=true
BASE_URL="https://test-misp.fqdn"
sed -i "s|^# DISABLE_IPV6=.*|DISABLE_IPV6=$DISABLE_IPV6|" .env
sed -i "s|^BASE_URL=.*|BASE_URL=\"$BASE_URL\"|" .env
# random passwords
MYSQL_ROOT_PASSWORD=$(genpasswd)
MYSQL_PASSWORD=$(genpasswd)
sed -i "s/# MYSQL_ROOT_PASSWORD=.*/MYSQL_ROOT_PASSWORD=\"$MYSQL_ROOT_PASSWORD\"/" .env
sed -i "s/# MYSQL_PASSWORD=.*/MYSQL_PASSWORD=\"$MYSQL_PASSWORD\"/" .env
# pull docker imagescd /srv/misp-containers podman-compose pull
# Insert CAP_AUDIT_WRITE to misp-core pod in docker compose file
Sources:
* https://docs.docker.com/compose/compose-file/05-services/#cap_add
* https://man7.org/linux/man-pages/man7/capabilities.7.html
* https://github.com/pi-hole/docker-pi-hole/issues/1007
```bash
# manual change
vi docker-compose.yml
------------------
...
misp-core:
cap_add:
- CAP_AUDIT_WRITE #Remove "sudo: unable to send audit message" from compose logs
...
-----------------
# on-liner change cap_add-CAP_AUDIT_WRITE
cp -av docker-compose.yml docker-compose.yml.cap
awk '
/misp-core:/ {print; in_misp_core=1; next}
/^[[:space:]]*[^[:space:]]/ && in_misp_core {in_misp_core=0; if (!cap_found) {print " cap_add:"; print " - CAP_AUDIT_WRITE"}}
/healthcheck:/ && in_misp_core {if (!cap_found) {print " cap_add:"; print " - CAP_AUDIT_WRITE"; cap_found=1} print; next}
/ports:/ && in_misp_core {if (!cap_found) {print " cap_add:"; print " - CAP_AUDIT_WRITE"; cap_found=1} print; next}
{print}
' docker-compose.yml > temp.yml && mv -fv temp.yml docker-compose.ymlvimdiff docker-compose.yml docker-compose.yml.cap
cd /srv/misp-containers
cp -av docker-compose.yml docker-compose.yml.volumes
# manual way
vim docker-compose.yml
------
volumes:
mysql_data:
configs:
files:
gnupg:
logs:
ssl:
[...]
misp-core:
volumes:
- configs:/var/www/MISP/app/Config
- logs:/var/www/MISP/app/tmp/logs
- files:/var/www/MISP/app/files
- ssl:/etc/nginx/certs
- gnupg:/var/www/MISP/.gnupg
misp-core:
[...]
ports:
#- "80:80" #disable port 80
------
## change misp-core volume settings
sed -i 's|.*\/var/www/MISP/app/Config.*| - configs:/var/www/MISP/app/Config|' docker-compose.yml
sed -i 's|.*\/var/www/MISP/app/tmp/logs.*| - logs:/var/www/MISP/app/tmp/logs|' docker-compose.yml
sed -i 's|.*\/var/www/MISP/app/files.*| - files:/var/www/MISP/app/files|' docker-compose.yml
sed -i 's|.*\/etc/nginx/certs.*| - ssl:/etc/nginx/certs|' docker-compose.yml
sed -i 's|.*\/var/www/MISP/.gnupg.*| - gnupg:/var/www/MISP/.gnupg|' docker-compose.yml
## add missing volumes at the end
echo ' configs:
files:
gnupg:
logs:
ssl:
' >> docker-compose.yml
# remove port 80
sed -i '/80:80/d' docker-compose.yml
# verify changes
vimdiff docker-compose.yml docker-compose.yml.volumescd /srv/misp-volumes
for vol in misp-containers_mysql_data misp-containers_configs misp-containers_files misp-containers_gnupg misp-containers_logs misp-containers_ssl
do
echo "------ $vol"
mkdir $vol
podman volume create --opt type=none --opt o=bind --opt device=/srv/misp-volumes/$vol $vol
donecd /srv/misp-containers/
podman-compose up admin@admin.test / admin
[root@test-misp ~]# podman volume ls
DRIVER VOLUME NAME
local misp-containers_mysql_data
local misp-containers_configs
local misp-containers_files
local misp-containers_gnupg
local misp-containers_logs
local misp-containers_ssl
local d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763
[root@test-misp ~]# podman inspect misp-containers_redis_1 | grep d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763
"Name": "d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763",
"Source": "/var/lib/containers/storage/volumes/d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763/_data",
"d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763:/data:rprivate,rw,nodev,exec,nosuid,rbind"
[root@test-misp ~]# podman exec -it misp-containers_redis_1 df
Filesystem 1K-blocks Used Available Use% Mounted on
overlay 37823904 5561176 30309144 16% /
tmpfs 65536 0 65536 0% /dev
/dev/mapper/rl-root 37823904 5561176 30309144 16% /data
tmpfs 1573304 9224 1564080 1% /etc/hosts
shm 64000 0 64000 0% /dev/shm
devtmpfs 4096 0 4096 0% /proc/keys
[root@test-misp ~]# podman exec -it misp-containers_redis_1 "ls -l /data"
Error: crun: executable file `ls -l /data` not found in $PATH: No such file or directory: OCI runtime attempted to invoke a command that was not found
[root@test-misp ~]# podman exec -it misp-containers_redis_1 bash -c "ls -l /data"
total 36
-rw-------. 1 valkey valkey 36265 Aug 21 08:10 dump.rdb
[root@test-misp ~]# ll /var/lib/containers/storage/volumes/d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763/_data
total 36
-rw-------. 1 systemd-coredump input 36265 Aug 21 10:10 dump.rdb
New version released.
Make sure to merge docker-compose.yml changes @clopmz
captainfalcon23
commented
1 month ago What is the fix here? Having the same issue with v2.4.198, using official docker images.
ostefano
commented
1 month ago What is the fix here? Having the same issue with v2.4.198, using official docker images.
I replied to you in the issue you opened.
Good morning,
After updating to release v2.4.195, I am seeing a lot of errors in docker-compose logs:
misp-core-1 | MISP is now live. Users can now log in. misp-core-1 | 2024-08-19 09:17:20,942 INFO spawned: 'default_00' with pid 3020 misp-core-1 | 2024-08-19 09:17:20,944 INFO spawned: 'default_01' with pid 3021 misp-core-1 | 2024-08-19 09:17:20,945 INFO spawned: 'default_02' with pid 3022 misp-core-1 | 2024-08-19 09:17:20,946 INFO spawned: 'default_03' with pid 3023 misp-core-1 | 2024-08-19 09:17:20,947 INFO spawned: 'default_04' with pid 3024 misp-core-1 | 2024-08-19 09:17:20,948 INFO spawned: 'email_00' with pid 3026 misp-core-1 | 2024-08-19 09:17:20,950 INFO spawned: 'email_01' with pid 3030 misp-core-1 | 2024-08-19 09:17:20,951 INFO spawned: 'email_02' with pid 3034 misp-core-1 | 2024-08-19 09:17:20,952 INFO spawned: 'email_03' with pid 3040 misp-core-1 | 2024-08-19 09:17:20,954 INFO spawned: 'email_04' with pid 3049 misp-core-1 | 2024-08-19 09:17:20,955 INFO spawned: 'cache_00' with pid 3057 misp-core-1 | 2024-08-19 09:17:20,956 INFO spawned: 'cache_01' with pid 3060 misp-core-1 | 2024-08-19 09:17:20,957 INFO spawned: 'cache_03' with pid 3066 misp-core-1 | 2024-08-19 09:17:20,959 INFO spawned: 'cache_04' with pid 3071 misp-core-1 | 2024-08-19 09:17:20,960 INFO spawned: 'prio_00' with pid 3078 misp-core-1 | 2024-08-19 09:17:20,961 INFO spawned: 'prio_01' with pid 3079 misp-core-1 | 2024-08-19 09:17:20,962 INFO spawned: 'prio_02' with pid 3080 misp-core-1 | 2024-08-19 09:17:20,963 INFO spawned: 'prio_03' with pid 3083 misp-core-1 | 2024-08-19 09:17:20,970 INFO spawned: 'update_00' with pid 3092 misp-core-1 | 2024-08-19 09:17:21,035 WARN exited: default_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,035 INFO gave up: default_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,049 WARN exited: default_02 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,049 WARN exited: default_04 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,049 INFO gave up: default_02 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,049 INFO gave up: default_04 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,066 WARN exited: cache_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,066 INFO gave up: cache_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,072 WARN exited: default_03 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,072 INFO gave up: default_03 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,081 WARN exited: update_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,081 INFO gave up: update_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,098 WARN exited: default_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,098 INFO gave up: default_01 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: email_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: email_02 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: cache_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: email_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: email_02 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: cache_01 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,125 WARN exited: email_04 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,125 INFO gave up: email_04 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,133 WARN exited: email_03 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,133 WARN exited: cache_03 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,133 INFO gave up: email_03 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,133 INFO gave up: cache_03 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: email_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: cache_04 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: prio_03 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: email_01 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: cache_04 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: prio_03 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,152 WARN exited: prio_02 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,152 INFO gave up: prio_02 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,168 WARN exited: prio_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,168 INFO gave up: prio_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:22,169 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:22,170 INFO spawned: 'prio_04' with pid 3179 misp-core-1 | 2024-08-19 09:17:22,170 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:22,243 INFO spawned: 'prio_01' with pid 3187 misp-core-1 | 2024-08-19 09:17:22,316 WARN exited: prio_04 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:22,316 INFO gave up: prio_04 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:23,318 INFO spawned: 'cache_02' with pid 3195 misp-core-1 | 2024-08-19 09:17:23,318 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:23,319 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:23,392 INFO spawned: 'prio_01' with pid 3203 misp-core-1 | 2024-08-19 09:17:23,465 WARN exited: cache_02 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:23,466 INFO gave up: cache_02 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:24,467 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:24,468 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:25,470 INFO spawned: 'prio_01' with pid 3218 misp-core-1 | 2024-08-19 09:17:26,543 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:26,543 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:27,545 INFO spawned: 'prio_01' with pid 3233 misp-core-1 | 2024-08-19 09:17:28,619 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:28,619 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:29,621 INFO spawned: 'prio_01' with pid 3248 misp-core-1 | 2024-08-19 09:17:30,695 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:30,695 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:31,698 INFO spawned: 'prio_01' with pid 3263 misp-core-1 | 2024-08-19 09:17:32,771 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:32,771 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:33,774 INFO spawned: 'prio_01' with pid 3278 misp-core-1 | 2024-08-19 09:17:34,846 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:34,847 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:35,849 INFO spawned: 'prio_01' with pid 3293 misp-core-1 | 2024-08-19 09:17:36,922 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:36,922 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:37,924 INFO spawned: 'prio_01' with pid 3308 misp-core-1 | 2024-08-19 09:17:38,997 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:38,998 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:40,000 INFO spawned: 'prio_01' with pid 3323 misp-core-1 | 2024-08-19 09:17:41,073 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:41,073 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:42,075 INFO spawned: 'prio_01' with pid 3338 misp-core-1 | 2024-08-19 09:17:43,148 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:43,148 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:44,150 INFO spawned: 'prio_01' with pid 3353 misp-core-1 | 2024-08-19 09:17:45,224 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:45,224 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:46,226 INFO spawned: 'prio_01' with pid 3368 misp-core-1 | 2024-08-19 09:17:47,300 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:47,300 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:48,302 INFO spawned: 'prio_01' with pid 3383 misp-core-1 | 2024-08-19 09:17:49,376 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:49,376 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:50,379 INFO spawned: 'prio_01' with pid 3398 misp-core-1 | 2024-08-19 09:17:51,452 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:51,452 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:52,454 INFO spawned: 'prio_01' with pid 3413 misp-core-1 | 2024-08-19 09:17:53,528 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:53,529 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:54,531 INFO spawned: 'prio_01' with pid 3428 misp-core-1 | 2024-08-19 09:17:55,606 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:55,606 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:56,608 INFO spawned: 'prio_01' with pid 3443 misp-core-1 | 2024-08-19 09:17:57,680 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:57,681 WARN exited: prio_01 (exit status 1; not expected)
As a @ostefano recommeds me in Giter, I have removed all docker images and redis volume but issue is not solved.
All docker images are running without problems, apparently:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8d44002651b6 ghcr.io/misp/misp-docker/misp-core:latest "/entrypoint.sh" 2 minutes ago Up 2 minutes (healthy) 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 127.0.0.1:27051->27051/tcp misp-misp-core-1 0eb5dc790275 ghcr.io/misp/misp-docker/misp-modules:latest "/usr/local/bin/misp…" 2 minutes ago Up 2 minutes misp-misp-modules-1 1f8870274ecb mariadb:10.11 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes (healthy) 3306/tcp misp-db-1 83505493d71b valkey/valkey:7.2 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes (healthy) 6379/tcp misp-redis-1 62035ab78524 ixdotai/smtp "/bin/entrypoint.sh …" 2 minutes ago Up 2 minutes 25/tcp misp-mail-1
My .env file is:
Build-time variables
CORE_TAG=v2.4.195 MODULES_TAG=v2.4.195 PHP_VER=20190902 LIBFAUP_COMMIT=3a26d0a
PYPY_* vars take precedence over MISP's
PYPI_REDIS_VERSION="==5.0.*"
PYPI_LIEF_VERSION=">=0.13.1"
PYPI_PYDEEP2_VERSION="==0.5.*"
PYPI_PYTHON_MAGIC_VERSION="==0.4.*"
PYPI_MISP_LIB_STIX2_VERSION="==3.0.*"
PYPI_MAEC_VERSION="==4.1.*"
PYPI_MIXBOX_VERSION="==1.0.*"
PYPI_CYBOX_VERSION="==2.1.*"
PYPI_PYMISP_VERSION="==2.4.178"
CORE_COMMIT takes precedence over CORE_TAG
CORE_COMMIT=c56d537
MODULES_COMMIT takes precedence over MODULES_TAG
MODULES_COMMIT=de69ae3
Run-time variables
Email/username for user #1, defaults to MISP's default (admin@admin.test)
ADMIN_EMAIL=admin.cti@mydomain.com
name of org #1, default to MISP's default (ORGNAME)
ADMIN_ORG=MISP Platform.
defaults to an automatically generated one
ADMIN_KEY=
defaults to MISP's default (admin)
ADMIN_PASSWORD=
defaults to 'passphrase'
GPG_PASSPHRASE=mypassinternal
defaults to 1 (the admin user)
CRON_USER_ID=1
defaults to 'https://localhost'
BASE_URL=https://misp.mydomain.com
store settings in db except those that must stay in config.php. true/false, defaults to false
ENABLE_DB_SETTINGS=true
optional and used by the mail sub-system
SMARTHOST_ADDRESS=mail.mydomain.com SMARTHOST_PORT=25 SMARTHOST_USER= SMARTHOST_PASSWORD= SMARTHOST_ALIASES=
optional comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)
For this to work ADMIN_KEY must be set, or AUTOGEN_ADMIN_KEY must be true (default)
SYNCSERVERS=
note: if you have more than one syncserver, you need to update docker-compose.yml
SYNCSERVERS_1_URL= SYNCSERVERS_1_NAME= SYNCSERVERS_1_UUID= SYNCSERVERS_1_KEY=
optional and used to set mysql db and credentials
MYSQL_HOST=
MYSQL_PORT=
MYSQL_USER=cti MYSQL_PASSWORD=f14abaeb07160033d60114110a6af2c06abd59416f8b9b38dc551d6342a18c2b MYSQL_ROOT_PASSWORD=c40aa130af1eb54d8ace33fc5e8d13e4dab7b8e1e2532164e7d135f8fa541c13 MYSQL_DATABASE=dbmisp
These variables allows overriding some MISP email values.
They all default to ADMIN_EMAIL.
MISP.email, used for notifications. Also used
for GnuPG.email and GPG autogeneration.
MISP_EMAIL=admin.cti@mydomain.com
MISP.contact, the e-mail address that
MISP should include as a contact address
for the instance's support team.
MISP_CONTACT=support@mydomain.com
Enable GPG autogeneration (default true)
AUTOCONF_GPG=true
Enable admin (user #1) API key autogeneration
if ADMIN_KEY is not set above (default true)
AUTOGEN_ADMIN_KEY=true
Disable IPv6 completely
DISABLE_IPV6=true
Disable SSL redirect
DISABLE_SSL_REDIRECT=true
Enable OIDC authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/OidcAuth/README.md
OIDC_ENABLE=true
OIDC_PROVIDER_URL=
OIDC_CLIENT_ID=
OIDC_CLIENT_SECRET=
OIDC_ROLES_PROPERTY="roles"
OIDC_ROLES_MAPPING="{\"admin\": \"1\"}"
OIDC_DEFAULT_ORG=
Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component, users should not be able to control the HTTP header configured in LDAP_APACHE_ENV (e.g. REMOTE_USER).
This means you must not allow direct access to MISP.
LDAP_ENABLE=true
LDAP_APACHE_ENV="REMOTE_USER"
LDAP_SERVER="ldap://your_domain_controller"
LDAP_STARTTLS=true
LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"
LDAP_READER_PASSWORD="password"
LDAP_DN="OU=Users,DC=domain,DC=net"
LDAP_SEARCH_FILTER=""
LDAP_SEARCH_ATTRIBUTE="uid"
LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]"
LDAP_DEFAULT_ROLE_ID="3"
LDAP_DEFAULT_ORG="1"
LDAP_EMAIL_FIELD="[\"mail\"]"
LDAP_OPT_PROTOCOL_VERSION="3"
LDAP_OPT_NETWORK_TIMEOUT="-1"
LDAP_OPT_REFERRALS=false
Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md
AAD_ENABLE=true
AAD_CLIENT_ID=
AAD_TENANT_ID=
AAD_CLIENT_SECRET=
AAD_REDIRECT_URI="https://misp.mydomain.com/users/login"
AAD_PROVIDER="https://login.microsoftonline.com/"
AAD_PROVIDER_USER="https://graph.microsoft.com/"
AAD_MISP_USER="Misp Users"
AAD_MISP_ORGADMIN="Misp Org Admins"
AAD_MISP_SITEADMIN="Misp Site Admins"
AAD_CHECK_GROUPS=false
Enable the use of a Proxy server
PROXY_ENABLE=true
PROXY_HOST=
PROXY_PORT=
PROXY_METHOD=
PROXY_USER=
PROXY_PASSWORD=
My host is a Debian 12 amd64.