biggiesmallsAG / nightHawkResponse

Incident Response Forensic Framework

investigation is not processed #3

Closed seabaz closed 8 years ago

seabaz commented 8 years ago

Hi,

Managed to get the image installed and set up the investigations within Kibana, however I encountered an issue when uploading the .mans file: there is no response, and the processing is not completed. Have attempted to restart the service, no success. Is there logging or a next step to be done during the installation (which is probably missing from the readme documentation)? Thanks

roshanmaskey commented 8 years ago

Hi Seabaz,

If you are using the Redline collector, you will have to zip the folder containing the audit files and upload that file. The file path generally is Sessions\AnalysisSession1\Audits\{computer name}

Please zip the folder containing the audits and upload the zip.

If you would like to verify that the file is being processed, please use the following command.

ps -ef | grep nightHawk

You should see something like /opt/nighthawk/bin/./nightHawk -v -N {case name} -f /opt/nighthawk/var/media/(unknown)

We will be working on writing a script to automatically create the zip file for your Redline output.

biggiesmallsAG commented 8 years ago

Yeah just to clarify;

Redline collector - the audit files inside the datetime folder need to be zipped up (including any .json files).

HX Collector - a .mans file is a zip archive, so this can be uploaded directly.

I'll put up a wiki article on this including screencaps.
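The packaging and verification steps from the two maintainer replies above, as an added example that is not nightHawk's own code. It assumes the Redline session has been copied to a Linux host with the Sessions/AnalysisSession1/Audits/{computer name} layout named in the thread, and that the worker command line looks like the one quoted there (nightHawk -v -N {case name} -f {media file}); the path and regex are assumptions drawn from those replies.

```python
"""Package a Redline collector session for nightHawk and check that an
upload is being processed. Added example, not part of the nightHawk project."""
import re
import subprocess
import zipfile
from pathlib import Path

# Shape of the worker command line quoted in the thread (assumed):
#   /opt/nighthawk/bin/./nightHawk -v -N <case name> -f <media file>
_NIGHTHAWK_CMD = re.compile(r"nightHawk\s+.*-N\s+(\S+)\s+.*-f\s+(\S+)")


def zip_redline_audits(session_dir, out_zip):
    """Zip every file under Sessions/AnalysisSession1/Audits/<computer name>
    (the audit files and any .json files) with the files at the archive root,
    which is what the maintainers ask to be uploaded. Returns archived names."""
    audits = Path(session_dir) / "Sessions" / "AnalysisSession1" / "Audits"
    hosts = [p for p in audits.iterdir() if p.is_dir()] if audits.is_dir() else []
    if len(hosts) != 1:
        raise ValueError(f"expected one computer folder under {audits}, found {len(hosts)}")
    names = []
    with zipfile.ZipFile(out_zip, "w", zipfile.ZIP_DEFLATED) as zf:
        for f in sorted(hosts[0].rglob("*")):
            if f.is_file():
                arcname = f.relative_to(hosts[0]).as_posix()
                zf.write(f, arcname)
                names.append(arcname)
    if not names:
        raise ValueError(f"no audit files found under {hosts[0]}")
    return names


def is_uploadable(path):
    """An HX .mans file is already a zip archive and can be uploaded as-is;
    the same check rejects a raw, unzipped Redline folder or a stray file."""
    return zipfile.is_zipfile(path)


def find_nighthawk_jobs(ps_output):
    """Parse `ps -ef` text and return (case name, media file) for each running
    nightHawk worker. An empty list means nothing is being processed; the grep
    process itself does not match because it carries no -N/-f arguments."""
    jobs = []
    for line in ps_output.splitlines():
        m = _NIGHTHAWK_CMD.search(line)
        if m:
            jobs.append(m.groups())
    return jobs


def running_jobs():
    """The `ps -ef | grep nightHawk` check from the thread, done in-process."""
    out = subprocess.run(["ps", "-ef"], capture_output=True, text=True).stdout
    return find_nighthawk_jobs(out)
```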