Replies: 3 comments
-
|
Hi Jertel, Could you please elaborate a bit more? i) Entered the root path by executing sudo su - ii) Verified this file /root/sosetup.log and got the error: 'gpg: Signature made Wed Mar 22 14:45:50 2023 UTC using RSA key ID FE507013 gpg: BAD signature from "Security Onion Solutions, LLC [email protected]" Errors detected during setup; skipping post-setup steps to allow for analysis of failures.'
iii) Verified this github link and executed sudo so-mysql-start . It states command not accepted. iv) Verified this document pg 249 and executed sudo soup and sudo salt-call state. highstate but the process got stuck during wazuh verification. https://readthedocs.org/projects/securityonion/downloads/pdf/2.3/ The error : [ERROR ] Failed to pull ghcr.io/security-onion-solutions/registry:latest: Error 400: client version 1.42 is too new. Maximum supported API version is 1.41 was often seen. docker version confirmed that the API version of the client is 1.42. v) Post the above step, I was able to execute the below commands though. a) so-status: showed only few containers (25). Ideally it should be 30.Most of the containers were in starting state.
b) Was able to execute so-mysql-start which started the mysql service c) Individual attempted to start all services and all started working except for elastalert which shows the container is missing. d) Unable to open the GUI even though so-allow had the IP range 10.0.0.0/16 defined. Error: Unable to load fleet since fleet instance is missing vi) Tried creating the VM multiple times still the same error. |
Beta Was this translation helpful? Give feedback.
-
|
Please mark this as solved...Jertel' command is the answer |
Beta Was this translation helpful? Give feedback.
-
Security Onion 2.3.230 has been released, so this should no longer be an issue: |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Installing Security Onion 2.3.220 using the official AMI or Azure Image may experience a setup failure. This is occurring because some of the Docker images stored on the AMI / Azure image are not in sync with the signature (for this release only). Fortunately, the resolution is simple:
When you login to the VM, it will automatically start setup. Cancel out of setup and then run the following command at the Bash terminal prompt.
sudo docker rmi ghcr.io/security-onion-solutions/so-curator:2.3.220 localhost:5000/security-onion-solutions/so-curator:2.3.220 ghcr.io/security-onion-solutions/so-redis:2.3.220 localhost:5000/security-onion-solutions/so-redis:2.3.220; sudo /securityonion/so-setup-networkAfter this step you can perform the installation as documented.
This step will be required for new AMI and Azure Image node installations until the 2.3.230 version is released.
Beta Was this translation helpful? Give feedback.
All reactions