search

jasonish / evebox

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
https://evebox.org/
MIT License
431 stars 67 forks source link

Template file not found #77

Closed envyes closed 6 years ago

envyes commented 6 years ago

Hello, I cloned the latest evebox and the dependencies and created a rpm. This rpm was added to a proprietory centos iso image along with elasticsearch 5.6.6 & suricata 4.0. Now when I am trying to bring up a VM with this image, the evebox esimport fails to execute with the error "Failed to install template: file does not exist failed to install template for configured index"

I see that the packr command[-v] is creating the box with all the resources. _built box . with ["configdb/README.md" "configdb/V0.sql" "configdb/V1.sql" "elasticsearch/template-es5x.json" "elasticsearch/template-es6x.json" "favicon.ico" "postgres/V0.sql" "postgres/V1.sql" "postgres/V2.sql" "postgres/V3.sql" "postgres/examples.sql" "public/3rdpartylicenses.txt" "public/done" "public/favicon.ico" "public/fontawesome-webfont.674f50d287a8c48dc19b.eot" "public/fontawesome-webfont.912ec66d7572ff821749.svg" "public/fontawesome-webfont.af7ae505a9eed503f8b8.woff2" "public/fontawesome-webfont.b06871f281fee6b241d6.ttf" "public/fontawesome-webfont.fee66e712a8a08eef580.woff" "public/index.html" "public/inline.7ad29852404a2889f74f.bundle.js" "public/main.9e188a1a67e840e8f653.bundle.js" "public/polyfills.9afba58cc5c5e906563e.bundle.js" "public/styles.63a57b75d0da691870af.bundle.css" "resources.go" "sqlite/V0.sql" "sqlite/V1.sql" "sqlite/V2.sql"]

Would you know what is causing the command to fail at runtime? TIA.

jasonish commented 6 years ago

Confirmed. I'm seeing an issue with the "boxed" assets as well. Looking into it now.

jasonish commented 6 years ago

Actually my builds are fine. Can you test one of my binaries in your VM:

https://evebox.org/files/s3/release-staging/

If that works, but yours doesn't its something in the build process that isn't working out for you.

Thanks.

envyes commented 6 years ago

Thanks for checking this. I'll check my build process then. Due to our requirement, we had to modify the vendor directory structure which might be causing the issue. I'll take a deeper look at how packr behaves. Thanks.

jasonish commented 6 years ago

As a reference you might want to see "./docker.sh release" which does a release in a fresh docker instance, installs on deps and creating a linux release.

jasonish commented 6 years ago

Closing for now as it doesn't seem to be an issue with the default build.

Let me know if you think I could be of help. Also note that as "vgo" becomes more stable I'll be switching to that, which looks like it will remove the vendor directory completely.