SIEM LAB02 Zeek instalation error

Renato_Arraes · August 6, 2023, 5:52am

Course: Elastic Security Fundamentals: SIEM
Version: current
Question: On lab 2 during the installation of zeek, there's a point in wich is requested to run a zeek.sh file, but when i try to run it, i receive the error message "/usr/bin/env: ‘python’: No such file or directory
mv: cannot stat '/home/ubuntu/scripts/data/http.log': No such file or directory"

for better understanding this is the points informed to run the file:
"At this point, the module zeek is enabled but is configured with default configuration which will look for any zeek log files in /var/log/bro/current directory.

We have a small script called zeek.sh inside the scripts directory that replays old zeek http.log file and dumps it into /var/log/bro/current directory. Let’s run that
command:
cd /home/ubuntu/scripts
./zeek.sh
"

After this point that i receive the erro i cannot get any logs of Filebeat on my Kibana

Wave · August 10, 2023, 4:49pm

Hi @Renato_Arraes,

I have no access to that course, but sounds like python isn't available on that environment. Sometimes python3 is the actual name of the python executable. If you have shell access try running

which python3

If you get back a path that would at least tell you where to start.

system · September 9, 2023, 4:49pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.