search

csirtgadgets / massive-octo-spice

DEPRECATED - USE v3 (bearded-avenger)
https://github.com/csirtgadgets/bearded-avenger-deploymentkit/wiki
GNU Lesser General Public License v3.0
227 stars 62 forks source link

cif-smrt error #453

Closed DangerView closed 7 years ago

DangerView commented 7 years ago

I don't know why cif-smrt can't work

enter the command cif-smrt

EV: error in callback (ignoring): YAML::Tiny found bad indenting in line ' regist EV: error in callback (ignoring): YAML::Tiny found bad indenting in line ' registrars: ' at /opt/cif/bin/../lib/per

thanks for your support.

wesyoung commented 7 years ago

what does your /etc/cif/rules/default/malwaredomains.yml file look like?

wesyoung commented 7 years ago

also; if you have a longer debug output, that'd help too (run cif-smrt with the -d option).

DangerView commented 7 years ago

root@racknum113:/home/racknum113# /opt/cif/bin/cif-smrt -r /etc/cif/rules/default -d --randomstart 0 [2016-10-14T09:31:17,952Z][5035][INFO][main:235]: staring up... [2016-10-14T09:31:17,954Z][5035][DEBUG][main:266]: random start set to: 0 [2016-10-14T09:31:17,954Z][5035][INFO][main:268]: delaying start for: 0min then running every 60min there after... [2016-10-14T09:31:17,954Z][5035][INFO][main:269]: to run immediately, set: --randomstart 0 or --testmode [2016-10-14T09:31:17,954Z][5035][INFO][main:270]: to see the list of options, use -h [2016-10-14T09:31:17,958Z][5035][DEBUG][main:292]: running pid: 5036 [2016-10-14T09:31:17,958Z][5036][DEBUG][main:381]: cleaning up tmp: /var/smrt/cache EV: error in callback (ignoring): YAML::Tiny found bad indenting in line ' registrars: ' at /opt/cif/bin/../lib/perl5/CIF.pm line 90.

It's over.

I can't find special things in /etc/cif/rules/default/malwaredomains.yml.

wesyoung commented 7 years ago

make sure you sudo su - cif first, and within that dir you should see a malwaredomains.yml

cif@vagrant-ubuntu-trusty-64:/etc/cif/rules/default$ ls -all | grep malwaredomains
-rw-rw---- 1 cif cif  830 Oct 13 12:22 malwaredomains.yml

it sounds like something in that file may be messed up, try moving the file to ~/ and re-running to see if things run smoothly...

DangerView commented 7 years ago

I have no idea it's different file malwaredomains.yml

-rw-rw---- 1 cif cif 858 Sep 26 09:20 malwaredomains.yml

so file move directory /home/

mv malwaredomains.yml /home/

/opt/cif/bin/cif-smrt -r /etc/cif/rules/default/ -D --randomstart 0 -d

after cif status normal. it is working.

thanks your support!

wesyoung commented 7 years ago

if you want to re-try it, grab a copy of this file:

https://raw.githubusercontent.com/csirtgadgets/massive-octo-spice/master/src/rules/default/malwaredomains.yml

and see if there are any differences...