dougburks
commented
3 years ago Security Onion 2 questions should go to the Security Onion 2 discussion site: https://securityonion.net/discuss
Thanks!
Closed mdeal5 closed 3 years ago
dougburks
commented
3 years ago Security Onion 2 questions should go to the Security Onion 2 discussion site: https://securityonion.net/discuss
Thanks!
mdeal5
commented
3 years ago Thanks! I figured out the problem anyway. I didn't mean to post in the wrong area. Apologies.
Sponsored by https://www.newser.com/?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Here's Aunt Jemima's New Name http://thirdpartyoffers.juno.com/TGL3131/6023df014b00f5f016d24st01vuc1 Trump Wasn't Pleased With His 'Rambling' Lawyers: Report http://thirdpartyoffers.juno.com/TGL3131/6023df016e7bb5f016d24st01vuc2 Oakland Police Arrest Suspect in Attack on Elderly Asian Man http://thirdpartyoffers.juno.com/TGL3131/6023df01921e55f016d24st01vuc3
I read the information and when I tried to access the https://securityonion.net/docs/mailing-lists, I got a page not found response, so I'm giving this a shot instead. Apologies if this is inappropriate.
OK. I'm attempting to install Security Onion 2.3.21 as a hyper-v guest.
During the phase where I'm setting it up as an Eval unit, I get the following error during the Applying so-fleet-setup Salt state portion of the install.
/78me/user/ tyOnion/setup/so-setup: line 824: 35725 Aborted salt-call state.apply -l curator >> $setup_log 2>&11
After the install "completes" the /root/errors.log gives me the following...
[ERROR ] Unable to cache file 'salt://fleet/packages/launcher.rpm' from saltenv 'base'. [ERROR ] An exception occurred in this state: Traceback (most recent call last):
The /root/setup.log (forgive me, I forget if this is the correct name for that log, but it is the log location that is supplied along with the /root/errors.log after setup completes) the only error that I can find is the following.
cp: cannot stat '/home/user/SecurityOnion/files/intel.dat' : No such file or directory Chown the salt dirs on the manager for socore Host group does not exist
After restart, siem_eval is indicated as possibly being in a restart_needed status. Checking so-status, gives me a flashing cursor and the Docker status is in WAIT_START. Screenshot attached below.
I can't find anything that indicates that hyper-v is a supported hypervisor and I really don't want to waste a ton of time on something that isn't possible. Any assistance would be greatly appreciated. Thank you.
PLEASE STOP AND READ THIS INFORMATION!
If you are creating an issue just to ask a question, you will likely get faster and better responses by posting to our mailing list instead: https://securityonion.net/docs/mailing-lists
If you have found a bug in Security Onion, you can continue with creating an issue here, but please make sure you have done the following: