search

splunk / attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
Apache License 2.0
2.08k stars 349 forks source link

Fatal error by install contentctl #875

Closed t0mg1t closed 7 months ago

t0mg1t commented 7 months ago

I'm facing in the following error by a local installation:

fatal: [ar-linux-attack-range-key-pair-ar-0]: FAILED! => {"msg": "The conditional check '(use_prebuilt_images_with_packer == \"0\") and (install_contentctl == \"0\")' failed. The error was: error while evaluating conditional ((use_prebuilt_images_with_packer == \"0\") and (install_contentctl == \"0\")): 'install_contentctl' is undefined\n\nThe error appears to be in '/home/...../git_tools/attack_range/packer/ansible/roles/linux_universal_forwarder/tasks/install_universal_forwarder.yml': line 4, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: add splunk group\n ^ here\n"}

Can anybody help? Many thanks!

ljstella commented 7 months ago

Howdy @t0mg1t -

Can you confirm when you pulled the docker image or pulled this repo? We shipped a fix yesterday that should address this.

t0mg1t commented 7 months ago

Hi @ljstella Thanks for your help I pulled this repo today.

ljstella commented 7 months ago

Under the general section of your attack_range.yml config file, you can add 

install_contentctl: "0"

which should clean this up while we work on a more permanent fix.