search

corelight / zeek-community-id

Zeek support for Community ID flow hashing.
https://github.com/corelight/community-id-spec
Other
33 stars 18 forks source link

zeek install corelight/bro-community-id does not work #6

Closed shreyashitest closed 4 years ago

shreyashitest commented 5 years ago

zkg install bro-community-id

The following packages will be INSTALLED: zeek/corelight/bro-community-id (1.2)

Proceed? [Y/n] Y Running unit tests for "zeek/corelight/bro-community-id" error: failed to run tests for zeek/corelight/bro-community-id: package build_command failed, see log in /root/.zkg/logs/bro-community-id-build.log Proceed to install anyway? [N/y] y Installing "zeek/corelight/bro-community-id" Failed installing "zeek/corelight/bro-community-id": package build_command failed, see log in /root/.zkg/logs/bro-community-id-build.log error: incomplete installation, the follow packages failed to be installed: zeek/corelight/bro-community-id (1.2)

0snap commented 4 years ago

I second this issue with regard to the currently latest, stable Zeek version v3.1.1.

zkg install --force corelight/bro-community-id

Running unit tests for "zeek/corelight/bro-community-id"
error: failed to run tests for zeek/corelight/bro-community-id: package build_command failed, see log in <path>/.zkg/logs/bro-community-id-build.log
Installing "zeek/corelight/bro-community-id".
Failed installing "zeek/corelight/bro-community-id": package build_command failed, see log in <path>/.zkg/logs/bro-community-id-build.log
error: incomplete installation, the follow packages failed to be installed:
  zeek/corelight/bro-community-id (1.2)

The logs are empty:

cat <path>/.zkg/logs/bro-community-id-build.log
=== STDERR ===
=== STDOUT ===

I also tried to set the verbose option and skipped the tests via zkg --verbose install --force --skiptests corelight/bro-community-id, but the output and error message are the same.

Is this plugin still maintained?

ckreibich commented 4 years ago

Sorry for the glacial follow-up here, folks. Yep, definitely still maintained! The installation fails because that package isn't sufficiently zeekified for 3.1. Looking into it.

ckreibich commented 4 years ago

I believe this is fixed in the topic/christian/zeek-3.1-support branch. If you could try an installation to see if it works for you, I'd much appreciate that. I'm planning to go ahead and merge it to master in a day or so. Once merged, I'm also planning to rename the repo to zeek-community-id. Thanks!

ckreibich commented 4 years ago

Should be addressed, thanks!