Closed changemenemo closed 5 years ago
Did you try these? https://github.com/maliceio/malice/blob/master/docs/KnownBugs.md
Since it was on macOS (I know Linux base), I wasn't sure and I wanted your views first. I'm going to test it.
Okay, by updating the VM to 4G, I got some results, and it seems that the process can go through the whole protocol without crashing.
I still have a lot of "failed to update sample" in a lot of plugins. Should I do a bug report for that or is it normal?
failed: Yara, mcafee, fprot, escan, clamav, comodo, fsecure
succeeded: zoner, avast, dr web, bitdefender, sophos.
It stays stuck after the result of sophos but the container didn't crash... but the vcpus allocated are working for sure.
It finally ended after 11 mins with the pdf parser results and a long list of numbers.
6G of RAM for a 30MB pdf. Don't know if the size of the file has anything to do with it but so you know.
Still a 409 error with virustotal:
time="2018-11-29T00:45:02Z" level=fatal msg="failed to index malice/virustotal results: failed to update sample with id: RYrtXGcBjIpm6xqHErD5: elastic: Error 409 (Conflict): [samples][RYrtXGcBjIpm6xqHErD5]: version conflict, current version [2] is different than the one provided [1] [type=version_conflict_engine_exception]" category=intel hash= plugin=virustotal
Describe the bug
Every plugin results in failed to initalize elasticsearch
To Reproduce
simple pdf download on internet -> malice scan test.pdf
Expected behavior
result of scans displayed in the terminal
Environment (please complete the following information):
Output of docker version:
Output of docker info:
Additional environment details (AWS, VirtualBox, physical, Docker For Mac, Docker Toolbox, docker-machine, etc.): result of docker logs