How do I configure Prewikka for Bionic for the first time?

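I'm trying to install the Prewikka package, a web-interface-based security information and event management system, on Bionic.

I followed the instructions on the terminal, and when I started installing the Prewikka package, a confirmation prompt appeared:

[image]

I never provided a password for configuring Prewikka's database. I tried to find documentation on the website, but I couldn't find what exactly my problem is.

How can I find out my Prewikka password for dbconfig-common, given that I chose dbconfig-common as the default database following the earlier instructions? See below!

[image]

Edit #1

The developers of Prewikka say that for Prelude we choose to use dbconfig-common, give the administrator password and enter the DB password. In this documentation, for the integration with Prelude Manager, I chose dbconfig-common as in the earlier instructions. When I read all of the Prelude developers' documentation, I found that I forgot to create the database for my Prewikka! Oh, that was my mistake. At this point, I get some errors that I don't understand! But I'm still a bit confused about the password confirmation: do I have to enter the password for Prewikka's MySQL database or for Prelude's DBConfig-Common?

Edit #2

At this moment, I get some errors that I can't understand; they are really complicated for me! When I open Prewikka's default port, the following error appears:

[image]

On my terminal I get: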

$ sudo prewikka-httpd
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 59, in inner
    ret = func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 489, in __init__
    dh.apply()
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 74, in inner
    ret = func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 424, in apply
    self._apply()
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 91, in inner
    ret = func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 415, in _apply
    [ update.apply() for update in self.list() ]
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 415, in <listcomp>
    [ update.apply() for update in self.list() ]
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 87, in inner
    return func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 221, in apply
    self.run()
  File "/usr/lib/python3/dist-packages/prewikka/sql/install.py", line 72, in run
    """)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 211, in query
    self.db.query(q)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 547, in query
    return preludedb.SQL.query(self, sql)
RuntimeError: All parts of a PRIMARY KEY must be NOT NULL; if you need NULL in a key, use UNIQUE instead

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/prewikka/main.py", line 277, in process
    response = self._process_static(webreq) or self._process_dynamic(webreq)
  File "/usr/lib/python3/dist-packages/prewikka/main.py", line 244, in _process_dynamic
    self._prewikka_init_if_needed()
  File "/usr/lib/python3/dist-packages/prewikka/main.py", line 134, in _prewikka_init_if_needed
    raise self._prewikka_initialized
  File "/usr/lib/python3/dist-packages/prewikka/main.py", line 122, in _prewikka_init_if_needed
    env.db = database.Database(env.config.database)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 873, in __new__
    return MySQLDatabase(config)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 61, in inner
    raise DatabaseError(message=text_type(e))
prewikka.database.DatabaseError: All parts of a PRIMARY KEY must be NOT NULL; if you need NULL in a key, use UNIQUE instead

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.6/wsgiref/handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File "/bin/prewikka-httpd", line 62, in application
    return wsgi.application(environ, start_response)
  File "/usr/lib/python3/dist-packages/prewikka/web/wsgi.py", line 161, in application
    core.process(WSGIRequest(environ, start_response))
  File "/usr/lib/python3/dist-packages/prewikka/main.py", line 280, in process
    response = err.respond()
  File "/usr/lib/python3/dist-packages/prewikka/error.py", line 106, in respond
    return self._html_respond()
  File "/usr/lib/python3/dist-packages/prewikka/error.py", line 90, in _html_respond
    from prewikka import baseview
  File "/usr/lib/python3/dist-packages/prewikka/baseview.py", line 27, in <module>
    from prewikka import error, history, hookmanager, resource, response, template, utils, view
  File "/usr/lib/python3/dist-packages/prewikka/history.py", line 102, in <module>
    crontab.schedule("search_history", N_("Search history deletion"), "0 * * * *", _regfunc=history._history_cron, enabled=True)
  File "/usr/lib/python3/dist-packages/prewikka/crontab.py", line 240, in schedule
    self._init_system_job(ext_type, name, schedule, enabled, _regfunc)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 91, in inner
    ret = func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/prewikka/crontab.py", line 152, in _init_system_job
    res = env.db.query("SELECT 1 FROM Prewikka_Crontab WHERE ext_type=%s AND userid IS NULL", ext_type)
  File "/usr/lib/python3/dist-packages/prewikka/database.py", line 547, in query
    return preludedb.SQL.query(self, sql)
RuntimeError: Table 'prewikka.Prewikka_Crontab' doesn't exist

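Edit #3

I tried the solution from this question, which was as follows:

  • Dropped the Prewikka database
  • Recreated the Prewikka database
  • Retried running Prewikka

But it didn't work for me. I also followed the how-to mentioned above: https://www.prelude-siem.org/projects/prelude/wiki/InstallingPackageUbuntu. So am I missing something?

Hope someone can help me! Thanks in advance.

Answer 1

First-time installation of the Prelude and Prewikka packages:

  1. Before installing, we need a database to store the alerts; I chose to create the databases in MySQL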

    $ mysql -u root -p
    Enter password: 
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 8
    Server version: 8.0.13 MySQL Community Server - GPL    
    Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.    
    Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.    
    mysql>CREATE USER user1@localhost IDENTIFIED BY 'pass';
    Query OK, 1 row affected (0,11 sec)    
    mysql>CREATE DATABASE prelude;
    Query OK, 1 row affected (2,09 sec)    
    mysql> GRANT ALL PRIVILEGES ON prelude.* TO user1@localhost;
    Query OK, 0 rows affected (0,93 sec)    
    mysql>CREATE DATABASE prewikka;
    Query OK, 1 row affected (2,10 sec)    
    mysql> GRANT ALL PRIVILEGES ON prewikka.* TO user1@localhost;
    Query OK, 0 rows affected (0,94 sec)    
    mysql>FLUSH PRIVILEGES;
    mysql>EXIT;  
    
  2. Install Prelude and Prewikka

    $ sudo apt install prelude-utils prelude-manager prelude-lml libpreludedb*
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    The following additional packages will be installed:
      dbconfig-common libmaxminddb0 prelude-lml-rules
    Suggested packages:
      dbconfig-mysql | dbconfig-pgsql | dbconfig-sqlite | dbconfig-sqlite3 | dbconfig-no-thanks mmdb-bin
    Recommended packages:
      default-mysql-client | postgresql-client
    The following NEW packages will be installed:
      dbconfig-common libmaxminddb0 libpreludedb0 libpreludedb7 libpreludedbcpp2 libpreludedb-dev libpreludedb-doc libpreludedb7-mysql libpreludedb7-pgsql libpreludedb7-sqlite prelude-lml prelude-lml-rules
      prelude-manager
    0 upgraded, 13 newly installed, 0 to remove and 0 not upgraded.
    Need to get 968 kB of archives.
    After this operation, 3.881 kB of additional disk space will be used.
    Do you want to continue? [Y/n] y
    

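    While dpkg is configuring the packages, we create a database user, database name and database password, which are stored by dbconfig-common. If we forget them, as in my case, we can check them in the /etc/prewikka/prewikka.conf file.

  3. Configuration of agent registration.

    The manager agent and the LML client agent need to be registered as analyzers with prelude-admin in order to run the packaged commands.

    • First, add the manager agent as follows: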

      $ prelude-admin add prelude-manager --uid 0 --gid 0 #for user id and group id, you can check on `/etc/passwd` file.
      Generating 2048 bits RSA private key... This might take a very long time.
      [Increasing system activity will speed-up the process].
      Generation in progress... 
      Created profile 'prelude-manager' with analyzerID 'xxxxxxxxxxxxxxxx'.  
      
    • Second, register the LML agent as follows:

      $ prelude-admin register prelude-lml "idmef:w admin:r" 127.0.0.1 --uid 0 --gid 0
      Generating 2048 bits RSA private key... This might take a very long time.
      [Increasing system activity will speed-up the process].
      Generation in progress...   
      You now need to start "prelude-admin" registration-server on 127.0.0.1:
      example: "prelude-admin registration-server prelude-manager"  
      Enter the one-shot password provided on 127.0.0.1: 
      Confirm the one-shot password provided on 127.0.0.1:  
      Connecting to registration server (127.0.0.1:5553)... Authentication succeeded.
      Successful registration to 127.0.0.1:5553.  
      

On the Manager Agent, run:

$ prelude-admin registration-server prelude-manager
The "password" password will be requested by "prelude-admin register"
in order to connect. Please remove the quotes before using it.  
Generating 1024 bits Diffie-Hellman key for anonymous authentication...
Waiting for peers install request on 0.0.0.0:5553...
Waiting for peers install request on :::5553...      
Connection from 127.0.0.1:45796...
Registration request for analyzerID="xxxxxxxxxxxxxxxx" permission="idmef:w admin:r".
Approve registration? [y/n]: y
127.0.0.1:45796 successfully registered.

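After the certificate has been verified, don't forget to configure the server's listener in the /etc/prelude/default/client.conf, /etc/prelude/default/global.conf, /etc/prelude-manager/prelude-manager.conf and /etc/prelude-lml/prelude-lml.conf files. Then we can start the Prelude services: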

$ sudo systemctl enable prelude-manager
$ sudo systemctl start prelude-manager
$ sudo systemctl enable prelude-lml
$ sudo systemctl start prelude-lml

Finally, after executing the /usr/bin/prewikka Python script, we get a server listening on 0.0.0.0:8000, and we can browse to localhost:8000. If no error is output, it will look like this:

[image]

[image]

Sources: Prelude - WikiStart; Installing from source; Installing from packages on Ubuntu
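
A check for step 1 of the answer above, added here as an example and not part of the original answer: it reads `SHOW GRANTS` output for the database account and reports any database that has no grant, plus any global grant that reaches beyond the two databases. The function names and the sample grant lines are constructed for illustration; `user1`, `prelude` and `prewikka` are the names used in step 1.

```shell
#!/bin/sh
# Added example: audit `SHOW GRANTS` output for the account used by Prelude
# and Prewikka. Real input (account name assumed from step 1):
#   mysql -u root -p -N -e "SHOW GRANTS FOR 'user1'@'localhost'"

# missing_grants DB...: read SHOW GRANTS lines on stdin and print every DB that
# has neither a database-level grant nor a global ALL PRIVILEGES grant.
# Database names are assumed to contain no regex metacharacters.
missing_grants() {
    grants=$(cat)
    for db in "$@"; do
        if printf '%s\n' "$grants" |
            grep -Eq "^GRANT .+ ON \`$db\`\.\* TO "; then
            continue
        fi
        if printf '%s\n' "$grants" |
            grep -Eq '^GRANT ALL PRIVILEGES ON \*\.\* TO '; then
            continue
        fi
        printf '%s\n' "$db"
    done
}

# global_grants: print grants on *.* other than USAGE (USAGE means "no
# privileges"). An application account normally needs none of these.
global_grants() {
    { grep -E '^GRANT .+ ON \*\.\* TO ' | grep -Ev '^GRANT USAGE ON '; } || true
}

# Constructed sample: an account that was granted rights on prelude only.
sample_grants() {
    cat <<'EOF'
GRANT USAGE ON *.* TO `user1`@`localhost`
GRANT ALL PRIVILEGES ON `prelude`.* TO `user1`@`localhost`
EOF
}

# Stand-alone run against the sample, for the two databases from step 1.
sample_grants | missing_grants prelude prewikka   # prints: prewikka
```

An empty result from `missing_grants` together with an empty result from `global_grants` means the account can reach both databases and nothing else on the server.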
