splunk / attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
Apache License 2.0

Build fails with HTTP 401 code when trying to install ESCU app #299

Closed jez-github closed 4 years ago

jez-github commented 4 years ago

Hi guys,

When trying to build using vagrant on my laptop I keep getting up to the "Install escu app via REST" stage and it fails every time with a "HTTP 401" error. Vagrant output listed below:

TASK [search_head : Check if ESCU App exists] **
ok: [attack-range-splunk-server]

TASK [search_head : download ESCU app from S3 bucket] **
changed: [attack-range-splunk-server]

TASK [search_head : Install escu app via REST] *****
fatal: [attack-range-splunk-server]: FAILED! => {"cache_control": "private", "changed": false, "connection": "Close", "content": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\n \n <msg type=\"ERROR\">Unauthorized\n \n\n", "content_length": "130", "content_type": "text/xml; charset=UTF-8", "date": "Tue, 14 Jul 2020 00:24:08 GMT", "elapsed": 0, "msg": "Status code was 401 and not [200, 201]: HTTP Error 401: Unauthorized", "redirected": false, "server": "Splunkd", "status": 401, "url": "https://127.0.0.1:8089/services/apps/local", "vary": "Cookie, Authorization", "www_authenticate": "Basic realm=\"/splunk\"", "x_content_type_options": "nosniff", "x_frame_options": "SAMEORIGIN"}

RUNNING HANDLER [splunk_phantom : restart splunk] **

PLAY RECAP *****
attack-range-splunk-server : ok=26 changed=23 unreachable=0 failed=1 skipped=32 rescued=0 ignored=0

Ansible failed to complete successfully. Any error output should be visible above. Please fix these errors and try again.
2020-07-14 10:24:09,961 - ERROR - attack_range - vagrant failed to build

Any suggestions?

jez-github commented 4 years ago

Looks like it was due to changing the password in attack_range.conf before kicking off the build process.