xeraa / vagrant-elastic-stack Goto Github PK
View Code? Open in Web Editor NEWGiving the Elastic Stack a try in Vagrant
License: MIT License
Giving the Elastic Stack a try in Vagrant
License: MIT License
Hi, I can't download this link
https://s3.eu-central-1.amazonaws.com/xeraa/public/elastic-stack.ova.
gives me this error:
This XML file does not appear to have any style information associated with it. The document tree is shown below.
AccessDenied
Access Denied
SFD6M13BCXJVVPXV
YA8C0/AEebk7KqI8FlZIrj/CBJprGfmX3HPDd3CIN3JVXDKDdCZFpA/rpF/9bz9YxmWlH5M4UmA=
No usable default provider could be found for your system.
Vagrant relies on interactions with 3rd party systems, known as
"providers", to provide Vagrant with resources to run development
environments. Examples are VirtualBox, VMware, Hyper-V.
The easiest solution to this message is to install VirtualBox, which
is available for free on all major platforms.
If you believe you already have a provider available, make sure it
is properly installed and configured. You can see more details about
why a particular provider isn't working by forcing usage with
vagrant up --provider=PROVIDER
, which should give you a more specific
error message for that particular provider.
I had an issue running on Windows (Vagrant 1.8.5, Virtualbox 5.1.4)
λ vagrant up
Bringing machine 'ubuntu' up with 'virtualbox' provider...
==> ubuntu: Checking if box 'ubuntu/trusty32' is up to date...
==> ubuntu: Clearing any previously set forwarded ports...
"rsync" could not be found on your PATH. Make sure that rsync
is properly installed on your system and available on the PATH.
Change in Vagrantfile from
ubuntu.vm.synced_folder "elastic-stack/", "/elastic-stack/", type: "rsync"
to
ubuntu.vm.synced_folder "elastic-stack/", "/elastic-stack/", type: "virtualbox"
solved the problem
Filebeat modules:
Hello,
I had an error at the end of running vagrant up (forgot to copy the issue) but had a successful message as well.
Now, when I try run /elastic-stack/all.sh, I have this issue.
vagrant@elastic-stack:~$ /elastic-stack/all.sh
-bash: /elastic-stack/all.sh: /bin/bash^M: bad interpreter: No such file or directory
Do you have a quick solution ?
Thank you,
Cyril
Hello,
I got an error while doing vagrant up
and it's pretty mysterious for me.
TASK [Add osquery's server repository] *****************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: apt.cache.FetchFailedException: E:The repository 'https://osquery-packages.s3.amazonaws.com/bionic bionic Release' does not have a Release file.
fatal: [ubuntu]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File "/tmp/ansible_Gqglog/ansible_module_apt_repository.py", line 551, in \n main()\n File "/tmp/ansible_Gqglog/ansible_module_apt_repository.py", line 543, in main\n cache.update()\n File "/usr/lib/python2.7/dist-packages/apt/cache.py", line 543, in update\n raise FetchFailedException(e)\napt.cache.FetchFailedException: E:The repository 'https://osquery-packages.s3.amazonaws.com/bionic bionic Release' does not have a Release file.\n", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 1}
to retry, use: --limit @/elastic-stack/0_install.retryPLAY RECAP *********************************************************************
ubuntu : ok=20 changed=13 unreachable=0 failed=1Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
Then I tried again, but I was suggested to run vagrant provision
this time. I did so, only to have the same error in a more brief way,
TASK [Install the JRE] *********************************************************
fatal: [ubuntu]: FAILED! => {"changed": false, "msg": "Failed to update apt cache: E:The repository 'https://osquery-packages.s3.amazonaws.com/bionic bionic Release' does not have a Release file."}
to retry, use: --limit @/elastic-stack/0_install.retryPLAY RECAP *********************************************************************
ubuntu : ok=8 changed=1 unreachable=0 failed=1
Sorry for posting before doing any research, I wanted to check if it has a quick fix since the workshop is tomorrow.
Thanks!
It would be useful to make it easy to deploy this to Amazon. I'll open a pull request for this.
I had a few issues running this on Windows so here is what I had to do if it helps anyone:
There is a bug in vagrant 1.8.3 for ansible on Windows which causes vagrant to prepend a drive letter to the playbook location. I had to install:
vagrant plugin install vagrant-guest_ansible
and change the Vagrantfile to:
provisioner = Vagrant::Util::Platform.windows?:guest_ansible : "ansible_local"
config.vm.provision provisioner do |ansible|
ansible.playbook = "0_install.yml"
end
Once the machine was provisioned I had some errors installing ansible:
Collecting cffi>=1.4.1 (from cryptography>=1.1->paramiko->ansible)
Downloading cffi-1.6.0.tar.gz (397kB)
Requirement already satisfied (use --upgrade to upgrade): pycparser in /usr/local/lib/python2.7/dist-packages (from cffi>=1.4.1->cryptography>=1.1->paramiko->ansible)
Installing collected packages: cffi, cryptography, paramiko, MarkupSafe, jinja2, ansible
Running setup.py install for cffi: started
Running setup.py install for cffi: finished with status 'error'
Complete output from command /usr/bin/python -u -c "import setuptools, tokenize;file='/tmp/pip-build-BmlYsM/cffi/setup.py';exec(compile(getattr(tokenize, 'open', open)(file).read().replace('\r\n', '\n'), file, 'exec'))" install --record /tmp/pip-n00gG6-record/inst
gle-version-externally-managed --compile:
running install
running build
running build_py
creating build
creating build/lib.linux-x86_64-2.7
creating build/lib.linux-x86_64-2.7/cffi
copying cffi/backend_ctypes.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/cparser.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/cffi_opcode.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/lock.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/api.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/gc_weakref.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/commontypes.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/ffiplatform.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/verifier.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/setuptools_ext.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/vengine_gen.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/recompiler.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/vengine_cpy.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/init.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/model.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/_cffi_include.h -> build/lib.linux-x86_64-2.7/cffi
copying cffi/parse_c_type.h -> build/lib.linux-x86_64-2.7/cffi
copying cffi/_embedding.h -> build/lib.linux-x86_64-2.7/cffi
running build_ext
building '_cffi_backend' extension
creating build/temp.linux-x86_64-2.7
creating build/temp.linux-x86_64-2.7/c
x86_64-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -DUSE__THREAD -I/usr/include/ffi -I/usr/include/libffi -I/usr/include/python2.7 -c c/_cffi_backend.c -o build/temp.linux-x86_64-2.7/c/_cffi_backend.o
c/_cffi_backend.c:15:17: fatal error: ffi.h: No such file or directory
#include <ffi.h>
^
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
so had to run:
sudo apt-get update sudo apt-get install libffi-dev g++ libssl-dev
then re run
vagrant provision
This is a great example of building an elastic stack in a VM. I just have one question regarding the x-pack implementation. How do I log in to kibana with this up? I looked in the files and it looks like a variable was assigned {{kibana_user_password}}. But I can't really seem to get it done. Granted I'm a newbie at elk and I was planning on using this to ingest some old logs for a project to visualize the data with kibana. SOS.
In Mac, after success full installation. Kibana login page is popping up. As per the document it should prompt to select the default Index. On configuring user name and password in kibana.yml file the system throws elastic licensing error. Please add the default user name and password in documents.
Able to login with elastic/changeme in Kibana but the rest of components (logstash, beats) are unable to establish the connection.
Here is a error message
root@vagrant-ubuntu-trusty-32:/var/log/elasticsearch# curl http://localhost:9200/
{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/]","header":{"WWW-Authenticate":"Basic realm="security" charset="UTF-8""}}],"type":"security_exception","reason":"missing authentication token for REST request [/]","header":{"WWW-Authenticate":"Basic realm="security" charset="UTF-8""}},"status":401}root@vagrant-ubuntu-trusty-32:/var/log/elasticsearch# curl http://localhost:9200/
{
Port 9200 and 9300 are not running tcp 4
vagrant@vagrant-ubuntu-trusty-32:~/.ssh$ netstat -lt |egrep '9200|9300|5601'
tcp 0 0 :5601 : LISTEN
tcp6 0 0 localhost:9300 [::]: LISTEN
tcp6 0 0 ip6-localhost:9300 [::]:* LISTEN
tcp6 0 0 ip6-localhost:5601 [::]:* LISTEN
tcp6 0 0 localhost:9200 [::]:* LISTEN
tcp6 0 0 ip6-localhost:9200 [::]:* LISTEN
Do not include the Docker settings in Filebeat and Metricbeat on 32bit platforms
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.