so-elastalert and so-elasticsearch missing

[fa1sepr0phet]

Version

2.4.100

Installation Method

Security Onion ISO image

Description

other (please provide detail below)

Installation Type

Standalone

Location

airgap

Hardware Specs

Exceeds minimum requirements

CPU

12

RAM

128GB

Storage for /

293GB

Storage for /nsm

5.8TB

Network Traffic Collection

span port

Network Traffic Speeds

more than 10Gbps

Status

No, one or more services are failed (please provide detail below)

Salt Status

Yes, there are salt failures (please provide detail below)

Logs

No, there are no additional clues

Detail

This is a standalone airgap install.
When running sudo so-status, both so-elastalert and so-elasticsearch are missing. When I run sudo elasticsearch-restart and sudo so-elastalert-restart, they return failed (see links)
so-elastalert.txt
so-elasticsearch.txt
elastalert.log returns empty.

securityonion.log shows this failure in particular:
[ERROR] [org.elasticsearch.bootstrap.Elasticsearch] fatal exception while booting Elasticsearch org.elasticsearch.ElasticsearchException: Failed to bind service
sudo so-elasticsearch-query _cat/indices returns nothing,
When I try curl https://localhost:9200/_cat/indices/.kibana* I receive "connection refused".

I'm not sure where to go from here, so if anyone has any idea or has ran into this problem, please advise.

Guidelines

• I have read the discussion guidelines at Read before posting! #1720 and assert that I have followed the guidelines.

[cm-ops]

Elasticsearch isn't running that is why the curl command and _cat/indices doesn't return. I would need more information from the Elasticsearch log. Also, if you run sudo so-checkin, do you see other states failing?