[IntelMQ-users] IntelMQ Issue

Sebastian Wagner wagner at cert.at
Fri Mar 12 12:21:22 CET 2021


Hi,

How did you install and what does http://localhost/intelmq-manager/ show?

Sebastian

On 3/12/21 12:19 PM, Soni, Drupad wrote:
> Hi Filip,
>
> I have started from scratch 
> OS Ubuntu 18.04
> Intelmq 2.3.0
> Intelmq-api 2.3.0
> Intelmq-manager 3.0.0a 
>
> I am not able to see Intelmq-manager using localhost:80. Attaching images for reference. Please guide through.
>
>
> Regards,
> Drupad Soni
> KPMG - Cyber Security
> Embassy Golf Links Business Park, Pebble Beach, 'B' Block, 
> 1st & 2nd Floor, Off Intermediate Ring Road 
> Mobile : +91 8140283894
> Know more about our Cyber Security Services
> https://home.kpmg.com/in/en/home/services/advisory/risk-consulting/it-advisory-services/cyber-security.html
>
> -----Original Message-----
> From: Filip Pokorny <filip.pokorny at csirt.cz> 
> Sent: Friday, March 12, 2021 4:33 PM
> To: Soni, Drupad <drupadsoni at kpmg.com>; Sebastian Wagner <wagner at cert.at>; intelmq-users at lists.cert.at
> Cc: Shah, Kunal <kunalshah3 at kpmg.com>; Gupta, Anshul <anshulgupta9 at kpmg.com>; Thakur, Richu <richuthakur at kpmg.com>
> Subject: Re: [IntelMQ-users] IntelMQ Issue
>
> Hi Drupad,
>
> if you are using an older version of Elasticsearch, you can try an alternative approach with the redis output bot and logstash instead of the elasticsearch output bot.
>
> It should be documented here:
>
> https://intelmq.readthedocs.io/en/latest/user/ELK-Stack.html
>
> This is something we have tested with various versions of Elasticsearch (5, 6 and 7) and it works fine for us. This approach removes the dependency on any particular version of Elasticsearch.
>
> Regards,
>
> Filip Pokorny
> http://CSIRT.CZ
>
> On 3/12/21 10:15 AM, Soni, Drupad wrote:
>> Hi Sebastian,
>>
>> Thanks for informing. Please find our answers below, inline with the
>> questions you asked:
>>
>>     Which operating system, which IntelMQ version, which installation
>>     method do you use?
>>
>> Ubuntu 18.04 LTS. We have tried installation using native packages,
>> git cloning and pip. IntelMQ version: 2.3.0, MongoDB: 4.4,
>> Elasticsearch & Kibana: 5.5.3
>>
>>     What are you unable to access and what is the exact error you get?
>>
>> There are different scenarios:
>>
>>  1. When we tried installing a new instance of IntelMQ:
>>
>> Issue that we are facing: the Debian package (intelmq-manager) does not
>> prompt for a username and password; due to this it is not getting
>> installed properly and we are unable to access the GUI.
>>
>>  2. On a successfully installed IntelMQ setup integrated with MongoDB:
>>
>> The setup was working fine, but recently we have faced an issue where
>> the IntelMQ bots for MongoDB and Elasticsearch have both stopped working.
>> It asks for the pymongo package even after fulfilling the dependency, and
>> Elasticsearch is showing the error ES version needed 5.0<x<6.0
>>
>>
>> Regards,
>>
>> Drupad Soni
>>
>> *From:* Sebastian Wagner <wagner at cert.at>
>> *Sent:* Friday, March 12, 2021 2:17 PM
>> *To:* Thakur, Richu <richuthakur at kpmg.com>; 
>> intelmq-users at lists.cert.at
>> *Cc:* Shah, Kunal <kunalshah3 at kpmg.com>; Soni, Drupad 
>> <drupadsoni at kpmg.com>
>> *Subject:* Re: [IntelMQ-users] IntelMQ Issue
>>
>>  
>>
>> Dear Richu,
>>
>> On 3/12/21 9:32 AM, Thakur, Richu wrote:
>>
>>     We are facing issue in accessing and using IntelMQ setup and the
>>     manager.
>>
>> Which operating system, which IntelMQ version, which installation 
>> method do you use?
>>
>>     We have integrated the setup with MongoDB and Elastic search though
>>     as we have checked we are unable to access anything right now.
>>
>> What are you unable to access and what is the exact error you get?
>>
>>     Also, we are wondering if the issue is taking place since IntelMQ is
>>     in maintenance.
>>
>> IntelMQ is actively developed.
>>
>> kind regards
>> Sebastian
>>
>> --
>>
>> // Sebastian Wagner <wagner at cert.at> - T: +43 1 5056416 7201
>> // CERT Austria - https://www.cert.at/
>> // An initiative of nic.at GmbH - https://www.nic.at/
>> // Company register number 172568b, Salzburg Regional Court
>>
>> ----------------------------------------------------------------------
>> -- KPMG (in India) allows reasonable personal use of the e-mail 
>> system.
>> Views and opinions expressed in these communications do not 
>> necessarily represent those of KPMG (in India).
>>
>> **********************************************************************
>> *********************************
>> DISCLAIMER
>> The information in this e-mail is confidential and may be legally 
>> privileged. It is intended solely for the addressee. Access to this 
>> e-mail by anyone else is unauthorized. If you have received this 
>> communication in error, please address with the subject heading 
>> "Received in error," send to postmaster1 at kpmg.com, then delete the 
>> e-mail and destroy any copies of it. If you are not the intended 
>> recipient, any disclosure, copying, distribution or any action taken 
>> or omitted to be taken in reliance on it, is prohibited and may be 
>> unlawful. Any opinions or advice contained in this e-mail are subject 
>> to the terms and conditions expressed in the governing KPMG client 
>> engagement letter. Opinions, conclusions and other information in this 
>> e-mail and any attachments that do not relate to the official business 
>> of the firm are neither given nor endorsed by it.
>>
>> KPMG cannot guarantee that e-mail communications are secure or 
>> error-free, as information could be intercepted, corrupted, amended, 
>> lost, destroyed, arrive late or incomplete, or contain viruses.
>>
>> KPMG, an Indian partnership and a member firm of KPMG International 
>> Cooperative ("KPMG International"), a Swiss entity that serves as a 
>> coordinating entity for a network of independent firms operating under 
>> the KPMG name. KPMG International Cooperative ("KPMG International") 
>> provides no services to clients. Each member firm of KPMG 
>> International Cooperative ("KPMG International") is a legally distinct 
>> and separate entity and each describes itself as such.
>>
>> "Notwithstanding anything inconsistent contained in the meeting invite 
>> to which this acceptance pertains, this acceptance is restricted 
>> solely to confirming my availability for the proposed call and should 
>> not be construed in any manner as acceptance of any other terms or conditions.
>> Specifically, nothing contained herein may be construed as an 
>> acceptance (or deemed acceptance) of any request or notification for 
>> recording of the call, which can be done only if it is based on my 
>> explicit and written consent and subject to the terms and conditions 
>> on which such consent has been granted"
>> **********************************************************************
>> *********************************
>>

-- 
// Sebastian Wagner <wagner at cert.at> - T: +43 1 5056416 7201
// CERT Austria - https://www.cert.at/
// An initiative of nic.at GmbH - https://www.nic.at/
// Company register number 172568b, Salzburg Regional Court


