Closed Ramshield closed 7 years ago
Well, found what caused it:
2017-04-21 14:45:50,165 - INFO - Core: Finished session UUID e5674e70-b9c1-4b9c-9b1d-e1c80888a93c for user jim to host 94.228.216.5
Any idea on how to fix this?
Looks like setting session logs had a problem. Can you set up debug logging in /etc/aker.ini and retry?
Also, what's the output of ls -al /var/log/aker/ ?
As stated in aker.py, I set it to chmod 777:
ls -al /var/log/aker/
total 32
drwxr-xr-x 2 root root 4096 Apr 21 12:37 .
drwxr-xr-x 8 root root 4096 Apr 21 12:37 ..
-rwxrwxrwx 1 root root 17083 Apr 21 15:43 aker.log
How do I enable debug mode?
If I read this correctly:
drwxr-xr-x 2 root root 4096 Apr 21 12:37 .
It looks like the standard 755.
Try again after chmod 777 /var/log/aker
As for debug mode, just edit /etc/aker.ini and set:
log_level = DEBUG
Yep, that was the issue, the /var/log/aker permission.
Would be nice if you could report a bit more detail in the log, to find the exact cause a bit quicker. But thanks for the help, works pretty sweet so far!
EDIT: And add it to the manual. Found quite a few things that weren't as your tutorial, which took quite a bit more work. Like where to place the json file for example.
Glad it's working now. You're totally right, I need to update the docs and add more error handling/reporting.
I will do that soon.
Can you please point to all the steps that weren't clear for you so I get them covered?
Well first of all, it isn't documented at all that you should chmod 777 the /var/log/aker file. Second, the hosts.json file needs to be placed in /etc/ as well if you don't use FreeAPI.
Perhaps you can add some documentation on how to properly add hosts, and add extra user groups. I'm personally struggling with the last. I want 2 different groups in the hosts.json file but not sure on how to do that.
Third, specify the OS versions you tested, and for CentOS recommend CentOS 7 due to Python 2.7. CentOS 6 supports Python 2.7 but is a lot harder to setup, and I personally haven't even been able to.
Fourth, as a tip, to only enable users to use the aker.py script, you can add the following:
Add /bin/aker/aker.py to /etc/shells
echo "/bin/aker/aker.py" >> /etc/shells
Change user shell to aker
chsh -s /bin/aker/aker.py username
Taken from: https://n0where.net/aker-ssh-gateway/
Last, I wasn't able to install the modules on CentOS 7.3.1611 with YUM at all. I used pip:
pip install configparser
pip install urwid
pip install paramiko
pip install wcwidth
pip install pyte
Tried this on 2 different CentOS installs (both clean installs, minimal) but didn't work. If you'd like, I'd be happy to help you rewrite the README file, to make it more user-friendly based on my personal experiences.
Just redid the README file with the latest release, please take a look and let me know how it goes.
Seems pretty good. Are you able to make a small how-to on how to enable reading of log files in Kibana? I've been able to setup Kibana, but for some reason having some trouble reading your logs, adding the Index pattern and such...: https://puu.sh/vKyFO/0097ac2c0f.png (I left out username and IP for safety reasons).
Judging by the screenshot, I think you didn't use the provided filebeat/logstash setup.
Can you please use this playbook: https://github.com/aker-gateway/aker-elk-playbook
It sets up Kibana dashboards which should be fairly usable IMHO, it also sets the connection from client (aker) to elasticsearch.
Please give it a try and open a new issue in case you got a problem.
Fixed it by using filebeat. Took me quite a bit to figure out. Thanks, closed.
This happens when selecting a host and pressing enter. Same issue occurs when I log in as the user. Any idea?
uname -r
3.10.0-327.4.4.el7.centos.plus.x86_64
python -V
Python 2.7.5