cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

Elasticsearch & Memory dump and analysis Error #1629

Open hakawati opened 7 years ago

hakawati commented 7 years ago

The elasticsearch template provided by cuckoo sandbox cannot contain memory dump analysis information. So when I do a memory dump analysis and an elasticsearch, I get an error. Can you check it out?

jbremer commented 7 years ago

Thanks for the feedback. Looping in @razuz @swackhamer @RicoVZ @KillerInstinct @doomedraven.

razuz commented 7 years ago

@hakawati can you paste the error you're seeing?

SparkyNZL commented 7 years ago

I'll look into this as well.

Are you referring to a Volatility full memory dump?

Sent from my spaceship...


hakawati commented 7 years ago

This is an error message. Full memory dump works well. However, elasticsearch could not find the contents of full memory dump. It probably does not seem to have been created to store a full memory dump in the elasticsearch template.

2017-06-06 17:52:11,954 [elasticsearch] WARNING: POST http://192.168.0.251:9200/cuckoo-2017/cuckoo [status:N/A request:1.020s]
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 114, in perform_request
    response = self.pool.urlopen(method, url, body, retries=False, headers=self.headers, **kw)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 649, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py", line 333, in increment
    raise six.reraise(type(error), error, _stacktrace)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 600, in urlopen
    chunked=chunked)
  File "/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py", line 379, in _make_request
    httplib_response = conn.getresponse(buffering=True)
  File "/usr/lib/python2.7/httplib.py", line 1136, in getresponse
    response.begin()
  File "/usr/lib/python2.7/httplib.py", line 485, in begin
    self.msg = HTTPMessage(self.fp, 0)
  File "/usr/lib/python2.7/mimetools.py", line 25, in __init__
    rfc822.Message.__init__(self, fp, seekable)
  File "/usr/lib/python2.7/rfc822.py", line 108, in __init__
    self.readheaders()
  File "/usr/lib/python2.7/httplib.py", line 312, in readheaders
    raise HTTPException("got more than %d headers" % _MAXHEADERS)
ProtocolError: ('Connection aborted.', HTTPException('got more than 100 headers',))
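
The traceback above ends in httplib's `readheaders`, that is, in the Python HTTP client while it reads the response headers. The following added example (not part of the thread or of Cuckoo's code) reproduces that client-side limit offline with Python 3's `http.client`, the successor of Python 2.7's `httplib`, using a constructed response; the header name `X-Constructed` and all helper names are assumptions made for illustration.

```python
import http.client
import io
from collections import Counter


class FakeSocket:
    """Stand-in socket: HTTPResponse only needs makefile() to read bytes."""

    def __init__(self, raw):
        self._raw = raw

    def makefile(self, *args, **kwargs):
        return io.BytesIO(self._raw)


def build_response(n_headers, name="X-Constructed"):
    """Constructed HTTP response carrying n_headers repeated header lines."""
    lines = [b"HTTP/1.1 200 OK", b"Content-Length: 0"]
    lines += [("%s: value %d" % (name, i)).encode("ascii") for i in range(n_headers)]
    return b"\r\n".join(lines) + b"\r\n\r\n"


def header_tally(raw):
    """Count header lines per name without going through http.client."""
    head = raw.split(b"\r\n\r\n", 1)[0].split(b"\r\n")[1:]
    return Counter(line.split(b":", 1)[0].decode("ascii").lower() for line in head)


def try_parse(raw):
    """Return (True, header_count) or (False, error text) for a raw response."""
    response = http.client.HTTPResponse(FakeSocket(raw))
    try:
        response.begin()  # reads the status line, then the header block
    except http.client.HTTPException as exc:
        return False, str(exc)
    return True, len(response.getheaders())


if __name__ == "__main__":
    # 50 headers parse normally; 150 trip the client's header-count limit.
    for count in (50, 150):
        raw = build_response(count)
        print(count, try_parse(raw), header_tally(raw).most_common(1))
```

Running `header_tally` over a captured raw response shows which header name is repeated often enough to exceed the limit.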