Project

General

Profile

Bug #341

Error Profile prelude-correlator

Added by over 15 years ago. Updated almost 15 years ago.

Status:
Closed
Priority:
High
Assignee:
-
Target version:
0.9.0
Start date:
Due date:
% Done:

0%

Resolution:
invalid

Description

Hi partners,

Actually i have installed Prelude-correlator: aptitude install prelude-correlator. The user prelude-correlator its created with uid 104 and GID 106 but when i register the user prelude-correlator i have the following error:

prelude-correlator: WARNING: prelude-client: error starting prelude client: could not open '/etc/prelude/profile/prelude-correlator/analyzerid' for reading Profile 'prelude-correlator' does not exist. In order to create it, please run: prelude-admin register "prelude-correlator" "idmef:rw" <manager address> --uid 104 --gid 106 *.

I ran the command prelude-admin register "prelude-correlator" "idmef:rw" xxx.xxx.xxx.xxx --uid 104 --gid 106 but i have the error. The register is successful. Authentication succeeded. CAN YOU HELP ME WITH THIS CASE??

History

#1 Updated by about 15 years ago

Just got the same problem... (debian lenny, prelude-correlator 0.9.0~beta3-1)

in /var/log/messages I had a permission problem on /etc/prelude/profile/prelude-correlator/analyzerid
prelude-correlator: WARNING: prelude-client: error starting prelude client: could not open '/etc/prelude/profile/prelude-correlator/analyzerid' for reading Profile 'prelude-correlator' does not exist.
i just give it rights (was root:root)
chown prelude-correlator:prelude-correlator /etc/prelude/profile/prelude-correlator/analyzerid

same on /var/spool/prelude/prelude-correlator stuff
prelude-correlator: WARNING: prelude-failover: error starting prelude client: error opening '/var/spool/prelude/prelude-correlator/global': Permission denied.
solution:
chown -R :prelude-correlator /var/spool/prelude/prelude-correlator

and now the prelude-correlator service is running

#2 Updated by Yoann VANDOORSELAERE about 15 years ago

  • Status changed from New to Closed
  • Resolution set to invalid

You might also use prelude-admin chown <profile> --uid X --gid Y to safely modify a profile ownership.
Closing this ticket assuming this is a permission problem, please reopen if it is not.

#3 Updated by Yoann VANDOORSELAERE almost 15 years ago

  • Project changed from PRELUDE SIEM to Prelude Correlator
  • Category deleted (generic)
  • Target version deleted (91)

Also available in: Atom PDF