[OISF/outreachy] How to run the project on Ubuntu
Juliana Fajardini Reichow
jufajardini at gmail.com
Sat Oct 17 17:08:17 UTC 2020
On Sat, 17 Oct 2020 at 17:31, Agha Saad <agha.saad04 at gmail.com> wrote:
> Worked for me too. Thanks a lot, but now I want to verify the logs,
> whether it is actually running and on which ip or port I can see the
> project running. I tried to run the command *tail http.log* but that file
> doesn't exist.
>
Hi Agha,
When I try that command, I can't find that file either.
I've run suricata using the following command:
sudo suricata -c /etc/suricata/suricata.yaml -s signatures.rules -i enp10s0
where enp10s0 is my ethernet port (I don't know why Ubuntu decided to call
it that, but so be it). I get a few errors, but at least I know it's
running. I have checked
/var/log/suricata
and I am able to find a few logs there, but not the one you've mentioned.
Looking in this link
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricatayaml
it seems that http.log is something that you have to enable, maybe? But, to
be honest, I haven't figured out how, yet.
In any case, what that sudo suricata... command that I ran showed me is
that at least it *is running*, although with a few bumps along the
road, as the suricata.log itself shows me.
Did you manage to run it in the terminal?
>
> On Sat, Oct 17, 2020 at 8:58 PM Juliana Fajardini Reichow <
> jufajardini at gmail.com> wrote:
>
>>
>>
>> On Sat, 17 Oct 2020 at 15:34, Sumera Priyadarsini via Outreachy <
>> outreachy at lists.openinfosecfoundation.org> wrote:
>>
>>>
>>>
>>> On Sat, 17 Oct, 2020, 7:40 PM Agha Saad, <agha.saad04 at gmail.com> wrote:
>>>
>>>> Hi Sumera, Can you please share a link to the suricata-update repo? I
>>>> want to clone that. Thanks
>>>>
>>>
>>> Hi,
>>>
>>> You will find a suricata-update folder already available in your
>>> suricata root. I used the following commands:
>>>
>>> cd suricata-update
>>> curl -L https://github.com/OISF/suricata-update/archive/master.tar.gz |
>>> tar zxvf - --strip-components=1)
>>> make
>>> sudo make install
>>>
>>
>> Yus, this worked for me! Thanks!
>> I did that (without the final ")"), then went back to the suricata folder
>> and proceeded with the rest of the steps, and managed to run
>> sudo make install-full
>>
>> without errors.
>>
>> When I finally tried to run suricata-update after that, I got an error
>>
>> <Error> -- [ERRCODE: SC_ERR_FATAL(171)] - failed to open file:
>> /usr/local/etc/suricata/suricata.yaml: Permission denied
>>
>> which I solved mimicking one of the steps in this link
>> https://suricata-update.readthedocs.io/en/latest/quickstart.html#install-suricata-update,
>> with
>>
>> sudo chmod g+r suricata.yaml
>>
>> And now I'm able to run suricata-update without further errors.
>>
>> Sharing this here in case anyone else runs into similar issues ^^
>>
>>
>>> Then I proceeded to configure and install suricata from suricata root.
>>>
>>> I came across some other errors too-
>>> https://forum.suricata.io/t/make-installation-fails/648.
>>>
>>> You might find this helpful if you run into any of the same issues.
>>>
>>> Regards,
>>> Sumera
>>>
>>>
>>> On Sat, Oct 17, 2020 at 7:03 PM Sumera Priyadarsini <
>>>> sylphrenadin at gmail.com> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Sat, 17 Oct, 2020, 7:19 PM Juliana Fajardini Reichow via Outreachy,
>>>>> <outreachy at lists.openinfosecfoundation.org> wrote:
>>>>>
>>>>>>
>>>>>> On Sat, 17 Oct 2020 at 14:15, Agha Saad <agha.saad04 at gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi Julian, thanks for the suggestion. I tried running separately; now
>>>>>>> the error is related to the rules. Can you help me to download the rules
>>>>>>> for Suricata?
>>>>>>> *Error: rules not installed as suricata-update not available*
>>>>>>>
>>>>>>
>>>>>> Hi Agha,
>>>>>>
>>>>>> I think this issue is related to that:
>>>>>> -- https://redmine.openinfosecfoundation.org/issues/3235
>>>>>>
>>>>>> I will try to follow the instructions here:
>>>>>> --
>>>>>> https://suricata-update.readthedocs.io/en/latest/quickstart.html#install-suricata-update
>>>>>>
>>>>>> As if I had not installed it from Git, and see how it goes, and I'll
>>>>>> come back to you with any news. And you do the same, in case you have
>>>>>> better luck! :P
>>>>>>
>>>>>
>>>>> Hi all,
>>>>>
>>>>> I ran into the same problem while installing as well. I cloned
>>>>> suricata-update in suricata root and then followed the installation docs
>>>>> Juliana has linked above.
>>>>>
>>>>> Then I proceeded with installing suricata.
>>>>> I hope the same will work for you as well. :)
>>>>>
>>>>> Regards,
>>>>> Sumera
>>>>>
>>>>>
>>>>>
>>>>>>
>>>>>>> On Sat, Oct 17, 2020 at 6:03 PM Juliana Fajardini Reichow <
>>>>>>> jufajardini at gmail.com> wrote:
>>>>>>>
>>>>>>>> Hey Blithe and Agha,
>>>>>>>>
>>>>>>>> I was re-running all these steps after reading this thread, and
>>>>>>>> stumbled upon the same error/situation Agha faced. My CARGO was also under
>>>>>>>> /root. So what I did was to run each of the commands separately, using sudo:
>>>>>>>> sudo ./configure
>>>>>>>> sudo make
>>>>>>>> sudo make install
>>>>>>>>
>>>>>>>> With that, the system was able to create the required directory (as
>>>>>>>> stated in the error, before
>>>>>>>> - error: failed to get `bitflags` as a dependency of package
>>>>>>>> `suricata v6.0.1-dev (/home/...suricata/rust)`
>>>>>>>> Caused by:
>>>>>>>> failed to create directory
>>>>>>>> `/root/.cargo/registry/index/github.com-1.....9ec823`)
>>>>>>>>
>>>>>>>> So either having Cargo directory in your home directory, like
>>>>>>>> Blithe did, or using sudo, like I did, should work, I believe.
>>>>>>>>
>>>>>>>> Hope this helps, somehow. :P
>>>>>>>>
>>>>>>>> Juliana
>>>>>>>>
>>>>>>>> On Sat, 17 Oct 2020 at 08:48, Blithe Brandon via Outreachy <
>>>>>>>> outreachy at lists.openinfosecfoundation.org> wrote:
>>>>>>>>
>>>>>>>>> I think the issue might be how Cargo was configured. I’ve added
>>>>>>>>> the same section of output from my system and yours below. Notice I do not
>>>>>>>>> have a RUSTUP_HOME entry and my CARGO_HOME is under my /home/blithe
>>>>>>>>> directory. Whereas your Cargo is listed as /root/.cargo.
>>>>>>>>>
>>>>>>>>> Perhaps try the three cargo steps again.
>>>>>>>>>
>>>>>>>>> sudo apt-get install cargo
>>>>>>>>>
>>>>>>>>> add /home/$(whoami)/.cargo/bin to your path.
>>>>>>>>>
>>>>>>>>> cargo install --force cbindgen
>>>>>>>>>
>>>>>>>>> And then the
>>>>>>>>> ./configure && make && make install-full
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Here’s my output
>>>>>>>>>
>>>>>>>>> Making all in rust
>>>>>>>>> make[1]: Entering directory '/home/blithe/suricata/suricata/rust'
>>>>>>>>> \
>>>>>>>>> CARGO_HOME="/home/blithe/.cargo" \
>>>>>>>>> CARGO_TARGET_DIR="/home/blithe/suricata/suricata/rust/target" \
>>>>>>>>> /usr/bin/cargo build --release \
>>>>>>>>> --features "function-macro "
>>>>>>>>> Finished release [optimized + debuginfo] target(s) in 1.36s
>>>>>>>>> make gen/rust-bindings.h
>>>>>>>>> make[2]: Entering directory '/home/blithe/suricata/suricata/rust'
>>>>>>>>> make[2]: 'gen/rust-bindings.h' is up to date.
>>>>>>>>> make[2]: Leaving directory '/home/blithe/suricata/suricata/rust'
>>>>>>>>> make[1]: Leaving directory '/home/blithe/suricata/suricata/rust'
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> And here is yours
>>>>>>>>>
>>>>>>>>> Making all in rust
>>>>>>>>> make[1]: Entering directory
>>>>>>>>> '/home/saad/Downloads/suricata/suricata/rust'
>>>>>>>>> RUSTUP_HOME=/root/snap/rustup/common/rustup \
>>>>>>>>> CARGO_HOME="/root/.cargo" \
>>>>>>>>> CARGO_TARGET_DIR="/home/saad/Downloads/suricata/suricata/rust/target"
>>>>>>>>> \
>>>>>>>>> /usr/bin/cargo build --release \
>>>>>>>>> --features "function-macro "
>>>>>>>>> error: failed to get `bitflags` as a dependency of package
>>>>>>>>> `suricata v6.0.1-dev (/home/saad/Downloads/suricata/suricata/rust)`
>>>>>>>>>
>>>>>>>>> Caused by:
>>>>>>>>> failed to create directory `/root/.cargo/registry/index/
>>>>>>>>> github.com-1ecc6299db9ec823`
>>>>>>>>>
>>>>>>>>> Caused by:
>>>>>>>>> Permission denied (os error 13)
>>>>>>>>> make[1]: *** [Makefile:546: all-local] Error 101
>>>>>>>>> make[1]: Leaving directory
>>>>>>>>> '/home/saad/Downloads/suricata/suricata/rust'
>>>>>>>>> make: *** [Makefile:491: all-recursive] Error 1
>>>>>>>>>
>>>>>>>>> Blithe
>>>>>>>>> On Oct 17, 2020, 12:07 AM -0700, Agha Saad <agha.saad04 at gmail.com>,
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hi Blithe,
>>>>>>>>> I am getting an error after running this command: ./configure &&
>>>>>>>>> make && make install-full. I have attached the log file.
>>>>>>>>> Link:
>>>>>>>>> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Basic_Setup
>>>>>>>>>
>>>>>>>>> On Sat, Oct 17, 2020 at 11:30 AM Blithe Brandon <
>>>>>>>>> blithe.brandon at gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hi Agha,
>>>>>>>>>>
>>>>>>>>>> I think you’re done with installation and can move on to setup
>>>>>>>>>> next. The general steps are laid out on this page. You’ve done step one,
>>>>>>>>>> and are ready for step two which leads you to basic setup.
>>>>>>>>>>
>>>>>>>>>> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Quick_Start_Guide
>>>>>>>>>>
>>>>>>>>>> Blithe
>>>>>>>>>> On Oct 16, 2020, 11:16 PM -0700, Agha Saad via Outreachy <
>>>>>>>>>> outreachy at lists.openinfosecfoundation.org>, wrote:
>>>>>>>>>>
>>>>>>>>>> Hi all,
>>>>>>>>>> After installing Suricata on Ubuntu, what's the next step to run
>>>>>>>>>> the project?
>>>>>>>>>> I am following this link
>>>>>>>>>> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ubuntu_Installation_from_GIT
>>>>>>>>>> I have followed the steps till *sudo ldconfig* command. Kindly help
>>>>>>>>>> me with this.
>>>>>>>>>>
>>>>>>>>>> Thanks & Regards,
>>>>>>>>>> Agha Saad
>>>>>>>>>> _______________________________________________
>>>>>>>>>> Outreachy mailing list
>>>>>>>>>> Outreachy at lists.openinfosecfoundation.org
>>>>>>>>>> https://lists.openinfosecfoundation.org/listinfo/outreachy
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Juliana Fajardini Reichow
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Juliana Fajardini Reichow
>>>>>>
>>>
>>
>>
>> --
>> Juliana Fajardini Reichow
>>
>
--
Juliana Fajardini Reichow
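
The reply at the top of this message suspects that http.log is something that has to be enabled. As an added example (not part of the original thread), the script below reads the `outputs:` section of a suricata.yaml and reports which log files the configuration will actually write; the function names and the sample configuration are constructed for illustration.

```shell
# Added example (not from the thread): constructed sample mirroring the outputs: section.
sample_config() {
  cat <<'EOF'
default-log-dir: /var/log/suricata/
outputs:
  - fast:
      enabled: yes
      filename: fast.log
  - eve-log:
      enabled: yes
      filename: eve.json
      types:
        - http:
            enabled: yes
  - http-log:
      enabled: no
      filename: http.log
logging:
  default-log-level: notice
EOF
}

# Print "<output> <yes|no> <log path>" for each top-level entry under outputs:.
list_outputs() {
  awk '
    /^default-log-dir:/     { dir = $2; sub(/\/$/, "", dir) }
    /^outputs:/             { inside = 1; next }
    inside && /^[^ #-]/     { inside = 0 }               # next top-level key
    inside && /^  - [^ ]+:/ { n++; name[n] = $2; sub(/:$/, "", name[n]); on[n] = "no" }
    inside && n && /^      enabled:/  { on[n] = $2 }     # 6 spaces: not a nested key
    inside && n && /^      filename:/ { file[n] = $2 }
    END {
      for (i = 1; i <= n; i++) {
        path = (file[i] ~ /^\//) ? file[i] : dir "/" file[i]
        print name[i], on[i], (file[i] == "" ? "-" : path)
      }
    }' "$1"
}

# Explain why a log file such as http.log may be absent from the log directory.
why_missing() {
  list_outputs "$2" | awk -v f="$1" '
    $3 ~ ("/" f "$") { print (($2 == "yes") ? "enabled, expect " $3 : $1 " is disabled"); hit = 1 }
    END { if (!hit) print "no output writes " f }'
}

cfg=$(mktemp) && sample_config > "$cfg"
list_outputs "$cfg"
why_missing http.log "$cfg"
```

To check a real installation, pass the path given to `suricata -c` instead of the temporary sample file.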