Closed es20g13 closed 2 years ago
Looking into this now
Hmm, I'm not able to reproduce this:
Can you try reprovisioning logger? Something seems to have gone wrong because in your screenshot it can't find /opt/fleet/server.crt, which should be there.
I've now been able to fix this by removing and re-adding the logger file. Consequently, Velociraptor stopped working so I tried the fix with https://github.com/clong/DetectionLab/issues/806. Not able to see Windows 10 logs on Splunk/Velociraptor though.
OK, closing this issue then. If you're having problems with other parts of the lab, please open a new issue.
Description of the issue:
Vagrant isn't working here

While building the logger host, I'm running into the following error message that causes the build to stop:

Fleet isn't working although everything else seems to work. Also tried fixing using the issue thread from https://github.com/clong/detectionlab/issues/785

Error message goes here

Post build checks:

```
[*] Verifying vmnet2 interface has its IP address set correctly
[ √ ] VMNet2 is correctly set to 192.168.56.1!
[*] Verifying that Splunk is reachable...
[ √ ] Splunk is running and reachable!
[*] Verifying that Fleet is reachable...
Error occured on webrequest: Exception calling "DownloadString" with "1" argument(s): "Unable to connect to the remote server"
[!] Fleet was unreachable and may not have installed correctly.
[*] Verifying that Microsoft ATA is reachable...
[ √ ] Microsoft ATA is running and reachable!
[*] Verifying that Velociraptor is reachable...
Error occured on webrequest: Exception calling "DownloadString" with "1" argument(s): "Unable to connect to the remote server"
[!] Velociraptor was unreachable and may not have installed correctly.
```

service fleet status output:

```
Apr 28 09:53:03 logger fleet[6416]: # Your Fleet database has unrecognized migrations. This could happen when
Apr 28 09:53:03 logger fleet[6416]: # running an older version of Fleet on a newer migrated database.
Apr 28 09:53:03 logger fleet[6416]: #
Apr 28 09:53:03 logger fleet[6416]: # Unknown migrations: tables=[20220307104655 20220309133956 20220316155700 20220323152301 20220330100659 20220404091216], data=[].
Apr 28 09:53:03 logger fleet[6416]: ################################################################################
Apr 28 09:53:03 logger fleet[6416]: {"component":"redis","level":"info","mode":"standalone","ts":"2022-04-28T09:53:03.054857458Z"}
Apr 28 09:53:03 logger fleet[6416]: {"component":"crons","cron":"vulnerabilities","level":"info","software inventory":"not configured","ts":"2022-04-28T09:53:03.067385787Z"}
Apr 28 09:53:03 logger fleet[6416]: {"address":"0.0.0.0:8412","msg":"listening","transport":"https","ts":"2022-04-28T09:53:03.0880715Z"}
Apr 28 09:53:03 logger fleet[6416]: {"terminated":"open /opt/fleet/server.crt: no such file or directory","ts":"2022-04-28T09:53:03.088506623Z"}
Apr 28 09:53:03 logger systemd[1]: fleet.service: Succeeded.
```