[IntelMQ-users] IntelMQ not working
Jovana Gjurovska
jovana.gjurovska at sigmoidgroup.com
Wed Feb 14 13:01:10 CET 2024
Thank you for the feedback!
---- On Wed, 14 Feb 2024 11:58:05 +0100 Kamil Mankowski via IntelMQ-users <intelmq-users at lists.cert.at> wrote ---
Dear Jovana,
giving the logs you provided it looks like problem with the Docker, the
'docker compose down' command is a Docker native command, and cannot
connect with the Docker daemon. It's hard to say why.
I see however two potentially suspicious things:
1) "intelmq-api.service", as a systemd unit, is part of either native
DEB installation, or other installation direct on the virtual machine
(e.g. with the intelmqsetup command), and not the installation in
Docker. Have you tried to install the IntelMQ on the VM directly?
2) failed logrotate.service would suggest me to check the disk space on
the VM. Could you check whether there is enough disk space left on the
VM? I reminded myself about a known issue in current docker builds
leading to not rotating log files.
Best regards
// Kamil Mańkowski <mailto:mankowski at cert.at> - T: +43 676 898 298 7204
// CERT Austria - https://www.cert.at/
// CERT.at GmbH, FB-Nr. 561772k, HG Wien
On 2/14/24 10:56, Jovana Gjurovska via IntelMQ-users wrote:
> Dear,
>
> I had successfully installed intelmq-docker on a linux virtual machine
> and it worked perfectly till 31 of January. Now I have a problem.
>
> Docker is running and it is active but I can not docker-compose down and
> docker-compose up -d and I do not know why. Here are the errors I am
> getting:
>
> docker.service - Docker Application Container Engine
> Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor
> preset: enabled)
> Active: active (running)since Wed 2024-02-14 09:31:20 UTC; 21min ago
> TriggeredBy: ●docker.socket
> Docs: https://docs.docker.com <https://docs.docker.com>
> Main PID: 158179 (dockerd)
> Tasks: 14
> Memory: 32.6M
> CPU: 8.801s
> CGroup: /system.slice/docker.service
> └─158179 /usr/bin/dockerd -H fd://
> --containerd=/run/containerd/containerd.sock
>
>
> 3 services are failed:
>
> UNIT LOAD ACTIVE SUB DESCRIPTION
> ● intelmq-api.service loaded failed failed Gunicorn deamon to serve the
> IntelMQ API
> ● logrotate.service loaded failed failed Rotate log files
> ● nginx.service loaded failed failed A high performance web server and a
> reverse proxy server When I type docker compose down this error appears:
> Traceback (most recent call last):
> File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line
> 700, in urlopen
> httplib_response = self._make_request(
> File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line
> 446, in _make_request
> six.raise_from(e, None)
> File "", line 3, in raise_from
> File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line
> 441, in _make_request
> httplib_response = conn.getresponse()
> File "/usr/lib/python3.10/http/client.py", line 1375, in getresponse
> response.begin()
> File "/usr/lib/python3.10/http/client.py", line 318, in begin
> version, status, reason = self._read_status()
> File "/usr/lib/python3.10/http/client.py", line 279, in _read_status
> line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
> File "/usr/lib/python3.10/socket.py", line 705, in readinto
> return self._sock.recv_into(b)
> Can you please help me solve the problem? Best regards, Jovana Gjurovska.
>
> ------------------------------------------------------------------------
>
> *Jovana Gjurovska*
>
> EdTech Specialist
>
> Mobile: +389 (77) 836-658
>
> Email: mailto:jovana.gjurovska at sigmoidgroup.com
> <mailto:mailto:stefan.jovanovski at sigmoidgroup.com>
>
> Sigmoid DOO, member of Sigmoid Group
>
> No 22/1 - 302, Str. 1615, Cevahir Sky City, Tower B, Floor 33, 1000
> Skopje, Macedonia
> _https://www.sigmoidgroup.com/ <https://www.sigmoidgroup.com/>_
>
>
> ---
>
> This e-mail may contain confidential and/or privileged information. If
> you are not the intended recipient (or have received this e-mail in
> error) please notify the sender immediately and delete this e-mail. Any
> unauthorized copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden.
>
>
>
>
--
List settings:
https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-users
IntelMQ Documentation: https://intelmq.readthedocs.io/
Jovana Gjurovska
EdTech Specialist
Mobile: +389 (77) 836-658
Email: mailto:stefan.jovanovski at sigmoidgroup.com
Sigmoid DOO, member of Sigmoid Group
No 22/1 - 302, Str. 1615, Cevahir Sky City, Tower B, Floor 33, 1000 Skopje, Macedonia
https://www.sigmoidgroup.com/
---
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/intelmq-users/attachments/20240214/5d269427/attachment.htm>
More information about the IntelMQ-users
mailing list