search

SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
1.36k stars 161 forks source link

Heatmap not loading stuck at gathering data #80

Closed mill25joe closed 4 years ago

mill25joe commented 4 years ago

Hello all, Everything has been working great with VECTR, and we have run a handful of assessments. I can view the metric for each one or all together, except the heatmap. It was working, but now when anyone attempts to see it, "gathering data" pops up and then sits there and spins. I have upgraded to 5.6.1, hoping that would fix the issue but no dice. I have looked in this issues forum and have not found any others like it. All advice would be appreciated.
image

thebleucheese commented 4 years ago

Can you check the docker logs to see if there are any errors? We've seen this a few times and I think a fix was put in place for one way this could occur in 5.6.1, but it looks like it didn't catch all the error scenarios. 

sudo docker ps -a

to get a list of running containers, and then run 

sudo docker logs sandbox1_tomcat_1

or replace sandbox1_tomcat_1 with whatever the name of the vectr container is. A stack trace in the logs might help us identify the issue.

An older bug with this was the screen wouldn't finish loading when an assessment was run with all Test Cases that didn't have MITRE Technique ID's set. I think that was fixed, but I don't have the issue tracker in front of me right now. There's another report under the Report Type selector called "Data Integrity" that we use to clean up after a live Purple Team exercise - that could shed some light on a few issues.

mill25joe commented 4 years ago

VECTR Log.txt

mill25joe commented 4 years ago

I did not see any error looking through the log,

I did create a bunch of new test cases, I believe I added a Mitre ID to each of them. I am double checking now to ensure.

I also attached a view of the Data integrity report

Vectr Data integrity

thebleucheese commented 4 years ago

Ok nothing in that report should be causing this. I'm going to tweak some things in our unit tests to see if I can reproduce it.

Can you send an email to vectrops@securityriskadvisors.com referencing this issue? If I can't reproduce and you're interested in investigating the issue with us, we can coordinate timing to jump on a call sometime soon to try to diagnose and get in a fix for the next release.

mill25joe commented 4 years ago

Thank you @thebleucheese, after contacting vectrops@securityriskadvisors.com we were able to resolve. Here is what fixed my issue if anyone else needs the info.

• Delete the directory /resources/datasets/ and its contents on your VECTR host. • Then restart the VECTR docker container either by running sudo docker restart or sudo docker-compose down then sudo docker-compose up from the VECTR deploy directory

thebleucheese commented 4 years ago

Fixed in 5.6.2