search

cisagov / Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://cisagov.github.io/Malcolm/
Other
1.91k stars 319 forks source link

Documentation regarding docker compose up does not work #296

Closed op3n-a1 closed 8 months ago

op3n-a1 commented 8 months ago

🐛 Summary

Tried to deploy malcom for pcap analysis but the docker compose commands mentioned in the documentation does not work.

Documentation Link: https://cisagov.github.io/Malcolm/docs/quickstart.html

git clone https://github.com/cisagov/Malcolm.git
docker compose --profile malcolm pull

Below is error:

env file /home/user/Malcolm/config/process.env not found: stat /home/user/Malcolm/config/process.env: no such file or directory

docker compose --profile malcom up --build --attach-dependencies

OS: Ubuntu 22.04.3 LTS

Docker version:

docker version
Client: Docker Engine - Community
 Version:           25.0.0
 API version:       1.44
 Go version:        go1.21.6
 Git commit:        e758fe5
 Built:             Thu Jan 18 17:09:49 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          25.0.0
  API version:      1.44 (minimum version 1.24)
  Go version:       go1.21.6
  Git commit:       615dfdf
  Built:            Thu Jan 18 17:09:49 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.27
  GitCommit:        a1496014c916f9e62104b33d1bb5bd03b0858e59
 runc:
  Version:          1.1.11
  GitCommit:        v1.1.11-0-g4bccb38
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
mmguero commented 8 months ago

The first time you run the ./scripts/configure script it will generate the .env files at which point you'll be able to pull the docker images.

It's recommended you use the control scripts (./scripts/start, etc.) rather than running compose directly, as they ensure some necessary steps are taken prior to starting Malcolm.