From 681aecb2bc7950219ff05bb890cc0dfc62d443f2 Mon Sep 17 00:00:00 2001
From: Ahmed Shawky
Date: Fri, 20 Mar 2020 20:01:25 +0400
Subject: [PATCH 1/2] Should fix an issue when installing zeek https://github.com/cyberdefenders/DetectionLabELK/issues/1 zkg 2.1.0 has an issue with Python2 https://github.com/zeek/package-manager/issues/60
---
 Vagrant/bootstrap.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Vagrant/bootstrap.sh b/Vagrant/bootstrap.sh
index 3e468c1..c520875 100644
--- a/Vagrant/bootstrap.sh
+++ b/Vagrant/bootstrap.sh
@@ -324,7 +324,7 @@ install_zeek() {
 # Install tools to build and configure Zeek
 apt-get -qq -ym install zeek crudini python-pip
 export PATH=$PATH:/opt/zeek/bin
- pip install zkg
+ pip install zkg==2.0.7
 zkg refresh
 zkg autoconfig
 zkg install --force salesforce/ja3

From 388ab44a5646d7f67e03b7f438062ee345c476bf Mon Sep 17 00:00:00 2001
From: Ahmed Shawky
Date: Fri, 20 Mar 2020 21:59:05 +0400
Subject: [PATCH 2/2] Bump zkg version to 2.1.1
---
 Vagrant/bootstrap.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Vagrant/bootstrap.sh b/Vagrant/bootstrap.sh
index f65041a..49a8820 100644
--- a/Vagrant/bootstrap.sh
+++ b/Vagrant/bootstrap.sh
@@ -232,7 +232,7 @@ install_splunk() {
 # echo "[$(date +%H:%M:%S)]: Download Complete."
 # echo "[$(date +%H:%M:%S)]: Extracting to Splunk Apps directory"
 # tar zxvf /opt/botsv3_data_set.tgz -C /opt/splunk/etc/apps/
- ### BOTSv3 COMMENT BLOCK ENDS ###
+ ### BOTSv3 COMMENT BLOCK ENDS ###
 
 # Add custom Macro definitions for ThreatHunting App
 cp /vagrant/resources/splunk_server/macros.conf /opt/splunk/etc/apps/ThreatHunting/default/macros.conf
@@ -371,7 +371,7 @@ install_zeek() {
 # Install tools to build and configure Zeek
 apt-get -qq -ym install zeek crudini python-pip
 export PATH=$PATH:/opt/zeek/bin
- pip install zkg==2.0.7
+ pip install zkg==2.1.1
 zkg refresh
 zkg autoconfig
 zkg install --force salesforce/ja3
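Review bot: The new `pip install zkg==2.0.7` line pins zkg without saying why in the script, so the next maintainer only has the commit message (zkg 2.1.0 does not work with the Python 2 pip that `python-pip`, installed two lines earlier, provides on this distribution — as far as the linked issues indicate) to explain it; the `zkg==2.1.1` line in the second patch's install_zeek hunk has the same gap. A comment above the pin, `# zkg is pinned: newer releases broke under Python 2 pip, see DetectionLabELK#1 and zeek/package-manager#60`, keeps the reason next to the code and tells a reader when the pin can be lifted. Pinning a version also does not verify what pip downloads; if the bootstrap is meant to be reproducible, recording the wheel hash in a requirements file and installing with `pip install --require-hashes -r <REQUIREMENTS_FILE>` would be the stronger form, and the `pip install` return status is not checked unless `set -e` is in effect earlier in the file. install_zeek() starts before this hunk and continues after it.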