Ubuntu 14.04 Request Tracker RT rt-4.2.14 RT for Incident Response RTIR 4.0.0
export http_proxy="http://10.x.x.x:3128"
export https_proxy="http://10.x.x.x:3128"
#!/bin/bash
#
# OpenVAS automation script.
# Mariusz B. / mgeeky, '17
# v0.1
#
trap ctrl_c INT
# --- CONFIGURATION ---
# Bro-IDS Logstash parser
# Parts of this taken from http://www.appliednsm.com/wp-content/uploads/logstash-SObro22-parse.conf_.txt
#Logs being parsed:
#app_stats.log
#conn.log
#dns.log
#dpd.log
#files.log
#http.log
apt -y install dmidecode hwdata ucf hdparm
apt -y install perl libuniversal-require-perl libwww-perl libparse-edid-perl
apt -y install libproc-daemon-perl libproc-pid-file-perl libfile-which-perl
apt -y install libxml-treepp-perl libyaml-perl libnet-cups-perl libnet-ip-perl
apt -y install libdigest-sha-perl libsocket-getaddrinfo-perl
apt -y install nmap libnet-snmp-perl libcrypt-des-perl libnet-nbname-perl
[2017-10-03T20:21:09,732][ERROR][logstash.inputs.metrics ] Failed to create monitoring event {:message=>"For path: events", :error=>"LogStash::Instrument::MetricStortricNotFound"}
Add the following line to /etc/elasticsearch/elasticsearch.yml and restart elasticsearch
nano /etc/elasticsearch/elasticsearch.yml
paste: action.auto_create_index: .security,.security-6,.monitoring*,.watches,.triggered_watches,.watcher-history*
ctrl x --> y --> Enter
service elasticsearch restart
Delete ocsweb database and run http://localhost/ocsreports/install.php
tcpdump -D        # See the list of interfaces on which tcpdump can listen
tcpdump -i eth0   # Listen on interface eth0
tcpdump -i any    # Listen on any available interface (cannot be done in promiscuous mode; requires Linux kernel 2.2 or greater)