socprime / SigmaUI

SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
https://tdm.socprime.com

Importing Sigma index #3

Closed webhead404 closed 5 years ago

webhead404 commented 5 years ago

How is this index imported? I have looked at the docs. I had trouble with the Python scripts:

  File "import_es_index.py", line 39, in
    import_index(SIGMA_DOC_INDEX_NAME+'_index.json', SIGMA_DOC_INDEX_NAME)
  File "import_es_index.py", line 26, in import_index
    print es_dbc.delete_index(index_name)
  File "/home/kwright/socprime_sigma_ui_unzip_me-Zgifp/ELK_import_export/es_db_connector.py", line 57, in delete_index
    return self.es.indices.delete(index=index, ignore=[400, 404])
  File "/usr/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 76, in _wrapped
    return func(*args, params=params, **kwargs)
  File "/usr/lib/python2.7/site-packages/elasticsearch/client/indices.py", line 185, in delete
    params=params)
  File "/usr/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
    status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
  File "/usr/lib/python2.7/site-packages/elasticsearch/connection/http_urllib3.py", line 181, in perform_request
    raise ConnectionError('N/A', str(e), e)
elasticsearch.exceptions.ConnectionError: ConnectionError([('system library', 'fopen', 'No such file or directory'), ('BIO routines', 'BIO_new_file', 'no such file'), ('x509 certificate routines', 'X509_load_cert_crl_file', 'system lib')]) caused by: Error([('system library', 'fopen', 'No such file or directory'), ('BIO routines', 'BIO_new_file', 'no such file'), ('x509 certificate routines', 'X509_load_cert_crl_file', 'system lib')])

sashlabs-cyber commented 5 years ago

Hi @kvv5150,

It seems that "import_es_index.py" and its dependencies are written for Python 2.7; you have to use Python 2.7 to execute that script. Make sure you install the elasticsearch plugin on Python 2.7 before executing that script.

Thanks, Sash

webhead404 commented 5 years ago

I actually found out the issue had to do with SSL. Lines 23-27 in es_db_connector.py mention uncommenting lines if X-Pack is installed. However, the SSL entries in the script are enabled by default.
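
The failure mode described in this thread is a CA-bundle path that is wired into the connector unconditionally, so OpenSSL fails at connect time with an opaque fopen error when the file is absent. Below is an added example (not SigmaUI's own es_db_connector.py) that builds the keyword arguments for elasticsearch-py's Elasticsearch(...) constructor from an explicit config, enables TLS only when asked to, and checks that a configured CA bundle exists before the client is created; the `use_ssl`, `verify_certs`, `ca_certs` and `http_auth` names are the elasticsearch-py 7.x-era parameters, and the host name and CA-file contents are constructed placeholders.

```python
# Added example, not the project's code: make TLS and CA settings opt-in
# instead of hard-coded, and fail early with a readable error.
import os
import tempfile


class EsConfigError(ValueError):
    """Raised when the Elasticsearch connection config is inconsistent."""


def build_es_client_kwargs(cfg):
    """Turn a plain config dict into kwargs for Elasticsearch(**kwargs).

    TLS is enabled only when cfg['use_ssl'] is true. A configured CA bundle
    must exist on disk; otherwise OpenSSL would only complain later with
    'fopen: No such file or directory', as in the traceback above.
    """
    kwargs = {"hosts": [{"host": cfg.get("host", "localhost"),
                         "port": int(cfg.get("port", 9200))}]}
    if cfg.get("use_ssl", False):
        ca = cfg.get("ca_certs")  # path to CA bundle, or None for system CAs
        if ca is not None and not os.path.isfile(ca):
            raise EsConfigError("ca_certs file not found: %s" % ca)
        kwargs["use_ssl"] = True
        kwargs["verify_certs"] = bool(cfg.get("verify_certs", True))
        kwargs["ca_certs"] = ca
    if cfg.get("username"):  # X-Pack basic auth only when credentials are set
        kwargs["http_auth"] = (cfg["username"], cfg.get("password", ""))
    return kwargs


def demo():
    """Exercise both paths with a constructed placeholder CA file."""
    ca_path = os.path.join(tempfile.mkdtemp(), "ca.pem")
    with open(ca_path, "w") as fh:  # constructed, not a real certificate
        fh.write("-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n"
                 "-----END CERTIFICATE-----\n")
    ok = build_es_client_kwargs({"host": "es.internal", "use_ssl": True,
                                 "ca_certs": ca_path, "username": "kibana"})
    try:
        build_es_client_kwargs({"use_ssl": True,
                                "ca_certs": "/etc/ssl/does-not-exist.pem"})
        missing = None
    except EsConfigError as exc:
        missing = str(exc)
    return ok, missing


if __name__ == "__main__":
    print(demo())
```

Pass the returned dict to `Elasticsearch(**kwargs)`; a plain HTTP deployment without X-Pack simply omits `use_ssl` from its config and never touches the certificate path.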

socprime commented 5 years ago

Thank you for your report! We have already updated the requirements for our app and added tasks to the backlog for removing hard-coded stuff from our app, and will implement them as soon as possible.

socprime commented 5 years ago

This issue is fixed in version 0.9.2.