search

clong / DetectionLab

Automate the creation of a lab environment complete with security tooling and logging best practices
MIT License
4.6k stars 980 forks source link

win10: deployment errors #34

Closed ghost closed 6 years ago

ghost commented 6 years ago

Sorry for another one, I kicked off just the win10 machine and got a few errors. Looks like atom stuff and splunk.

win10: gyp info it worked if it ends with ok
    win10: gyp info using node-gyp@3.4.0
    win10: gyp info using node@6.9.5 | win32 | x64
    win10: gyp http GET https://atom.io/download/electron/v1.6.15/iojs-v1.6.15.tar.gz
    win10: gyp http 200 https://atom.io/download/electron/v1.6.15/iojs-v1.6.15.tar.gz
    win10: gyp http GET https://atom.io/download/electron/v1.6.15/SHASUMS256.txt
    win10: gyp http GET https://atom.io/download/electron/v1.6.15/win-x86/iojs.lib
    win10: gyp http GET https://atom.io/download/electron/v1.6.15/win-x64/iojs.lib
    win10: gyp WARN install got an error, rolling back install
    win10: gyp ERR! install error
    win10: gyp ERR! stack Error: getaddrinfo ENOTFOUND atom.io atom.io:443
    win10: gyp ERR! stack     at errnoException (dns.js:28:10)
    win10: gyp ERR! stack     at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:76:26)
    win10: gyp ERR! System Windows_NT 10.0.15063
    win10: gyp ERR! command "C:\\Users\\vagrant\\AppData\\Local\\atom\\app-1.23.1\\resources\\app\\apm\\bin\\node.exe" "C:\\Users\\vagrant\\AppData\\Local\\atom\\app-1.23.1\\resources\\app\\apm\\node_modules\\node-gyp\\bin\\node-gyp.js" "install" "--runtime=electron" "--target=1.6.15" "--dist-url=https://atom.io/download/electron" "--arch=x64" "--ensure"
    win10: gyp ERR! cwd C:\Users\vagrant\.atom
    win10: gyp ERR! node -v v6.9.5
    win10: gyp ERR! node-gyp -v v3.4.0
    win10: gyp ERR! not ok
    win10:

Another error

win10: Stop-Service : Service 'SplunkForwarder Service (splunkforwarder)' cannot be stopped due to the following error:
    win10: Cannot stop splunkforwarder service on computer '.'.
    win10: At C:\tmp\vagrant-shell.ps1:7 char:1
    win10: + Stop-Service splunkforwarder
    win10: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    win10:     + CategoryInfo          : CloseError: (System.ServiceProcess.ServiceController:ServiceController) [Stop-Service],
    win10:    ServiceCommandException
    win10:     + FullyQualifiedErrorId : CouldNotStopService,Microsoft.PowerShell.Commands.StopServiceCommand
    win10: WARNING: Waiting for service 'SplunkForwarder Service (splunkforwarder)' to start...
    win10: WARNING: Waiting for service 'SplunkForwarder Service (splunkforwarder)' to start...
clong commented 6 years ago

This issue looks to be related to #33 - DNS resolution is failing, which probably means:

Can you confirm if any of these are the case?

ghost commented 6 years ago

It should have been up, I started by bringing that one online first. I just tried again by running "vagrant reload win10 --provision" and got the same error

clong commented 6 years ago

Can you start the build from scratch and see if this is reproducible? This will wipeout your current VMs and start the rebuild process all over again.

From inside the DetectionLab/Vagrant folder: vagrant destroy -f vagrant up

clong commented 6 years ago

Hey @iwebsguy - just wanted to follow up here and see if you were ever able to get this working or if you were still having this specific issue.

ghost commented 6 years ago

Sorry for reopening but just wanted to say that I gave up on getting it working. However I did end up using some of what you put together to implement WEF, PowerShell logging, and some the auditing GPOs in our production environment so thanks for that.