search

ibmresilient / resilient-community-apps

Source code for IBM SOAR Apps that are available on our App Exchange
https://ibm.biz/soar-apps-docs
MIT License
88 stars 96 forks source link

Resilient - Elasticsearch data feed plugin pointing to a non-existing pip package #55

Closed hmnguyen1201 closed 4 years ago

hmnguyen1201 commented 4 years ago

Description

**I got this error when trying to install the plugin using command: [sudo] pip install --upgrade rc_data_feed-plugin-elasticsearch-

.tar.gz** **Output:** Processing ./rc_data_feed_plugin_elasticfeed-1.0.0.tar.gz Collecting rc_data_feed (from rc-data-feed-plugin-elasticfeed==1.0.0) Exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/pip/basecommand.py", line 215, in main status = self.run(options, args) File "/usr/lib/python3/dist-packages/pip/commands/install.py", line 342, in run requirement_set.prepare_files(finder) File "/usr/lib/python3/dist-packages/pip/req/req_set.py", line 380, in prepare_files ignore_dependencies=self.ignore_dependencies)) File "/usr/lib/python3/dist-packages/pip/req/req_set.py", line 554, in _prepare_file require_hashes File "/usr/lib/python3/dist-packages/pip/req/req_install.py", line 278, in populate_link self.link = finder.find_requirement(self, upgrade) File "/usr/lib/python3/dist-packages/pip/index.py", line 465, in find_requirement all_candidates = self.find_all_candidates(req.name) File "/usr/lib/python3/dist-packages/pip/index.py", line 423, in find_all_candidates for page in self._get_pages(url_locations, project_name): File "/usr/lib/python3/dist-packages/pip/index.py", line 568, in _get_pages page = self._get_page(location) File "/usr/lib/python3/dist-packages/pip/index.py", line 683, in _get_page return HTMLPage.get_page(link, session=self.session) File "/usr/lib/python3/dist-packages/pip/index.py", line 795, in get_page resp.raise_for_status() File "/usr/share/python-wheels/requests-2.18.4-py2.py3-none-any.whl/requests/models.py", line 935, in raise_for_status raise HTTPError(http_error_msg, response=self) requests.exceptions.HTTPError: 404 Client Error: Not Found for url: https://pypi.org/simple/rc-data-feed/ ## Describe How to Reproduce Just download the package from https://exchange.xforce.ibmcloud.com/hub/extension/991d8a93e41be0d9a7502ba8e121ce5f and run command: [sudo] pip install --upgrade rc_data_feed-plugin-elasticsearch- .tar.gz
mscherfling commented 4 years ago

You should first install the rc-data-feed package as this plugin relies on it. You’ll find that in these resilient-community-apps or on the IBM Xforce exchange: https://exchange.xforce.ibmcloud.com/

hmnguyen1201 commented 4 years ago

I am not sure I got what you mean. I did download the package from the IBM Xforce exchange and that is the error I got. Looks like the package on the Xforce exchange is couple version behind the git repo?

mscherfling commented 4 years ago

There are two packages required. Rc-data-feed and then the plugin, in your case rc-data-feed-plugin-elasticsearch.

hmnguyen1201 commented 4 years ago

I see what you mean. Unfortunately, still the same error

mscherfling commented 4 years ago

You can run pip freeze to ensure rc-data-feed is installed prior to installing the elasticsearch plugin.

hmnguyen1201 commented 4 years ago

yeah rc-data-feed is already installed. It indicates that it is reaching out to https://pypi.org/simple/rc-data-feed/ but that page does not exist anymore.

HTTPError: 404 Client Error: Not Found for url: https://pypi.org/simple/rc-data-feed/

mscherfling commented 4 years ago

These are the steps I followed to configure the elasticsearch plugin for rc-data-feed. From the sounds of your description, it sounds like your steps are similar, but I want to make sure.

$ unzip rc_data_feed-2.0.0.zip Archive: rc_data_feed-2.0.0.zip extracting: rc_data_feed-2.0.0.tar.gz
$ unzip rc_data_feed_plugin_elasticfeed-1.0.0.zip Archive: rc_data_feed_plugin_elasticfeed-1.0.0.zip extracting: rc_data_feed_plugin_elasticfeed-1.0.0.tar.gz
$ pip install rc_data_feed-2.0.0.tar.gz
$ pip install rc_data_feed_plugin_elasticfeed-1.0.0.tar.gz

adding sections to app.config file, if not already there

$ resilient-sdk config -u -l rc-data-feed rc-data-feed-plugin-elasticfeed

adding rules to Resilient, if not already there

$ resilient-sdk customize -l rc-data-feed

edit app.config to configure elastic_feed as the plugin to use and configure the elasticseach endpoint

$ vi ~/.resilient/app.config

hmnguyen1201 commented 4 years ago

@mscherfling yeah I followed the same step and the error I got is from this step "pip install rc_data_feed_plugin_elasticfeed-1.0.0.tar.gz"

Sorry for the delayed response. I was distracted by different project

hmnguyen1201 commented 4 years ago

Turns out it is an issue with windows linux subsystem. I am not sure why it threw the error like I posted above but doing it in my windows test machine works. We can close this ticket