Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
As of Docker Compose v2.25 a warning message about the version tag being deprecated from docker-compose.yml is shown. This is not generally fatal, but the code that is used to determine if OpenSearch is running or not is misinterpreting the output, which would cause the keystore file not to be created and for Docker to create an empty bind-mounted directory in its place instead.
This commit (mmguero-dev/Malcolm@2bc92142c48a07d663831b7234aaf987e0aaccb5) fixes the problem by ignoring STDERR.
As of Docker Compose v2.25 a warning message about the version tag being deprecated from docker-compose.yml is shown. This is not generally fatal, but the code that is used to determine if OpenSearch is running or not is misinterpreting the output, which would cause the keystore file not to be created and for Docker to create an empty bind-mounted directory in its place instead.
This commit (mmguero-dev/Malcolm@2bc92142c48a07d663831b7234aaf987e0aaccb5) fixes the problem by ignoring STDERR.