dogoncouch / logesp
Open Source SIEM (Security Information and Event Management system).
License: MIT License
List rule - compare a field in events to a list
(myenv) sai@sai-VirtualBox:/opt/LogESP$ make newdb
--- Loading initial migrations...
python manage.py migrate
File "manage.py", line 14
) from exc
^
SyntaxError: invalid syntax
Makefile:90: recipe for target 'newdb-setup' failed
make: *** [newdb-setup] Error 1
Dead process rule - trigger if event doesn't happen (like limit rules, but with minimum limit instead of maximum).
Was installing on Ubuntu 16.04 LTS, had everything configured with a Python 3 virtual environment.
(env) root@syslogserver-VirtualBox:/opt/LogESP# python --version
Python 3.5.2
The error:
(env) root@syslogserver-VirtualBox:/opt/LogESP# make newdb
--- Loading initial migrations...
python manage.py migrate
Traceback (most recent call last):
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/base/base.py", line 217, in ensure_connection
self.connect()
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/base/base.py", line 195, in connect
self.connection = self.get_new_connection(conn_params)
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/mysql/base.py", line 227, in get_new_connection
return Database.connect(**conn_params)
File "/opt/LogESP/env/lib/python3.5/site-packages/MySQLdb/__init__.py", line 84, in Connect
return Connection(*args, **kwargs)
File "/opt/LogESP/env/lib/python3.5/site-packages/MySQLdb/connections.py", line 164, in __init__
super(Connection, self).__init__(*args, **kwargs2)
MySQLdb._exceptions.OperationalError: (1698, "Access denied for user 'logespd'@'localhost'")
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 15, in <module>
execute_from_command_line(sys.argv)
File "/opt/LogESP/env/lib/python3.5/site-packages/django/core/management/__init__.py", line 381, in execute_from_command_line
utility.execute()
File "/opt/LogESP/env/lib/python3.5/site-packages/django/core/management/__init__.py", line 375, in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File "/opt/LogESP/env/lib/python3.5/site-packages/django/core/management/base.py", line 323, in run_from_argv
self.execute(*args, **cmd_options)
File "/opt/LogESP/env/lib/python3.5/site-packages/django/core/management/base.py", line 361, in execute
self.check()
File "/opt/LogESP/env/lib/python3.5/site-packages/django/core/management/base.py", line 390, in check
include_deployment_checks=include_deployment_checks,
File "/opt/LogESP/env/lib/python3.5/site-packages/django/core/management/commands/migrate.py", line 64, in _run_checks
issues = run_checks(tags=[Tags.database])
File "/opt/LogESP/env/lib/python3.5/site-packages/django/core/checks/registry.py", line 72, in run_checks
new_errors = check(app_configs=app_configs)
File "/opt/LogESP/env/lib/python3.5/site-packages/django/core/checks/database.py", line 10, in check_database_backends
issues.extend(conn.validation.check(**kwargs))
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/mysql/validation.py", line 9, in check
issues.extend(self._check_sql_mode(**kwargs))
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/mysql/validation.py", line 13, in _check_sql_mode
with self.connection.cursor() as cursor:
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/base/base.py", line 256, in cursor
return self._cursor()
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/base/base.py", line 233, in _cursor
self.ensure_connection()
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/base/base.py", line 217, in ensure_connection
self.connect()
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/utils.py", line 89, in __exit__
raise dj_exc_value.with_traceback(traceback) from exc_value
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/base/base.py", line 217, in ensure_connection
self.connect()
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/base/base.py", line 195, in connect
self.connection = self.get_new_connection(conn_params)
File "/opt/LogESP/env/lib/python3.5/site-packages/django/db/backends/mysql/base.py", line 227, in get_new_connection
return Database.connect(**conn_params)
File "/opt/LogESP/env/lib/python3.5/site-packages/MySQLdb/__init__.py", line 84, in Connect
return Connection(*args, **kwargs)
File "/opt/LogESP/env/lib/python3.5/site-packages/MySQLdb/connections.py", line 164, in __init__
super(Connection, self).__init__(*args, **kwargs2)
django.db.utils.OperationalError: (1698, "Access denied for user 'logespd'@'localhost'")
Makefile:90: recipe for target 'newdb-setup' failed
make: *** [newdb-setup] Error 1
Many thanks, would love to hear your response :)
LogESP/__init__.py):
Add install instructions for CentOS.
Add Makefile target for updating.
Add more security to Ubuntu install documentation to make it more production-ready.
Default Ubuntu install hangs on shutdown/reboot unless you kill uwsgi beforehand (use -11; SIGTERM seems to have no effect).
LogESP/__init__.py): 0.2-dev10
Some parser threads lose connection to the database periodically, even if the database is on localhost.
No DB error events (or at least not many) logged by LogESP.
Daemon log events logged by logesp (manage.py) when a thread gets repeated DB errors. The error portion of the events:
Error: (2006, 'MySQL server has gone away')
The threads never re-establish a connection.
Seems to happen more as the number of parser threads goes up.
LogESP/__init__.py):
LogESP/__init__.py):
ESP rule - triggered by chain of events in a specific order.
RuleEvent.source_rule_name=RULENAME FOLLOWED BY
LogEvent.source_host=X.X.X.X AND LogEvent.log_source=LOGSOURCE
FOLLOWED BY RuleEvent.source_rule_name=RULENAME
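
The chain expression above, evaluated over a time-ordered event stream, as an added sketch that is not LogESP's own code. The parser, the Event record, the rule names and the sample events are all constructed for illustration; it assumes unrelated events may occur between steps and applies no time window.

```python
import re
from collections import namedtuple

# Constructed record: kind is "LogEvent" or "RuleEvent", fields holds its attributes.
Event = namedtuple("Event", "kind fields")

def parse_chain(expr):
    """Split 'A FOLLOWED BY B AND C FOLLOWED BY D' into ordered steps.
    Each step is (kind, {field: value}); one step may only test one event type."""
    steps = []
    for part in re.split(r"\s+FOLLOWED BY\s+", expr.strip()):
        kind, conds = None, {}
        for term in re.split(r"\s+AND\s+", part):
            m = re.fullmatch(r"(\w+)\.(\w+)=(\S+)", term)
            if not m:
                raise ValueError("bad term: %r" % term)
            if kind not in (None, m.group(1)):
                raise ValueError("mixed event types in one step: %r" % part)
            kind = m.group(1)
            conds[m.group(2)] = m.group(3)
        steps.append((kind, conds))
    return steps

def step_matches(step, event):
    kind, conds = step
    return event.kind == kind and all(
        event.fields.get(k) == v for k, v in conds.items())

def chain_fired(steps, events):
    """True if the time-ordered events contain every step, in order."""
    idx = 0
    for ev in events:
        if idx < len(steps) and step_matches(steps[idx], ev):
            idx += 1
    return idx == len(steps)

# Hypothetical rule names substituted for RULENAME; addresses are documentation IPs.
RULE = ("RuleEvent.source_rule_name=ssh_fail_limit FOLLOWED BY "
        "LogEvent.source_host=192.0.2.10 AND LogEvent.log_source=sshd "
        "FOLLOWED BY RuleEvent.source_rule_name=new_admin_user")
EVENTS = [  # constructed sample stream, oldest first
    Event("RuleEvent", {"source_rule_name": "ssh_fail_limit"}),
    Event("LogEvent", {"source_host": "192.0.2.77", "log_source": "sshd"}),
    Event("LogEvent", {"source_host": "192.0.2.10", "log_source": "sshd"}),
    Event("RuleEvent", {"source_rule_name": "new_admin_user"}),
]
```

The same events in reverse order do not fire the rule, which is the property that distinguishes a chain rule from a plain AND of conditions.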