SIEM LAB02 Zeek instalation error

Renato_Arraes · August 6, 2023, 5:52am

Course: Elastic Security Fundamentals: SIEM
Version: current
Question: On lab 2 during the installation of zeek, there's a point in wich is requested to run a zeek.sh file, but when i try to run it, i receive the error message "/usr/bin/env: ‘python’: No such file or directory
mv: cannot stat '/home/ubuntu/scripts/data/http.log': No such file or directory"

for better understanding this is the points informed to run the file:
"At this point, the module zeek is enabled but is configured with default configuration which will look for any zeek log files in /var/log/bro/current directory.

We have a small script called zeek.sh inside the scripts directory that replays old zeek http.log file and dumps it into /var/log/bro/current directory. Let’s run that
command:
cd /home/ubuntu/scripts
./zeek.sh
"

After this point that i receive the erro i cannot get any logs of Filebeat on my Kibana

Wave · August 10, 2023, 4:49pm

Hi @Renato_Arraes,

I have no access to that course, but sounds like python isn't available on that environment. Sometimes python3 is the actual name of the python executable. If you have shell access try running

which python3

If you get back a path that would at least tell you where to start.

system · September 9, 2023, 4:49pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Zeek with elasticsearch Elasticsearch	2	406	November 9, 2020
Running ELK Stack - Lab Environment - Ubuntu Beats filebeat	9	715	June 17, 2021
Zeek Filebeat Module to Logstash JSON Logstash	2	703	October 22, 2019
I can't see Zeek's http.log in Kibana but everything else (DNS, SSL, etc.) is fine Beats filebeat	2	1554	March 2, 2020
Issue with Filebeat Zeek module Beats filebeat	18	668	March 15, 2024

SIEM LAB02 Zeek instalation error

Related topics