๊ฐ•์˜

๋ฉ˜ํ† ๋ง

๋กœ๋“œ๋งต

Complete SIEM Deployment in One Go: First Steps in Threat Hunting Using Wazuh and ELK (Basics)

From Theory to the Field: Proving Core Competencies of a Security Expert through Wazuh+ELK SIEM Implementation. Design and operate a Threat Hunting system, the core of security monitoring, firsthand. Through hands-on practice based on real-world attack scenarios, transform into a professional security engineer capable of delivering immediate results in the field.

(4.9) 9 reviews

143 learners

Level Basic

Course period Unlimited

Linux
Microsoft Windows
security
wazuh
ossec

Chapter 01 - 05_Errors and solutions when performing the threat hunting system #2 (wazuh Install) (Language pack related issues)

This content was shared by our student (Airman) regarding troubleshooting.

Troubleshooting Summary: When installing Linux, install it in 'English' (the unattended.sh shell script does not work properly due to encoding and other problems)

In the middle of the class, I'm asked to perform an unattended installation by executing the command below, but the installation stops with an error if you installed Ubuntu in a language other than English.

curl -so ~/unattended-installation.sh https://packages.wazuh.com/resources/4.2/open-distro/unattended-installation/unattended-installation.sh && bash ~/unattended-installation.sh -i

Terminal output: No operand on line 332 in the shell script ~

Cause of the problem: In line 331 of the shell script, there is code that runs the free -g command, finds the string called Mem, and takes the value of the second argument there. This string cannot be found if the system language is installed in a language other than English, and an error occurs.

First, as a solution, install Ubuntu in English from the beginning. If you installed Ubuntu in a different language, it is recommended to change it to English through the process below and then execute the curl ~~ command.

Use the locale -a command to find if en_US.UTF-8 exists.

If it exists: sudo update-locale LANG=en_US.UTF-8

If not, run sudo locale-gen en_US.UTF-8 and then run sudo update-locale LANG=en_US.UTF-8

Apply system changes without rebooting:

Finally, whether or not there is one, run the following command: source /etc/default/locale

Of course, I could change the script content to free -g | awk 'NR==2{print $2}' without changing the language, but I don't want to go through the trouble of finding the corresponding content in the shell script.

After the failure error appears, why don't I just run it again by adding the overwrite option, like bash ~/unattended-installation.sh -i --overwrite? But in this case too, in the end, the clean installation didn't go well, so I keep getting an error saying that something was not installed.
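The parsing failure described in the post above, reproduced as an added example (it is not the Wazuh installer's code and not part of the student's post). The two `free -g` outputs are constructed samples, the label-matching awk pattern is an assumed form of what line 331 does, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: why matching the "Mem" label breaks under a non-English locale.

# Constructed samples of `free -g` output (values are made up).
sample_en='               total        used        free      shared  buff/cache   available
Mem:               7           1           4           0           2           5
Swap:              1           0           1'
sample_ko='               총계        사용        여분        공유   버퍼/캐시        가용
메모리:            7           1           4           0           2           5
스왑:              1           0           1'

# Label-based parse: assumed form of the check the post attributes to line 331.
ram_by_label() { printf '%s\n' "$1" | awk '/^Mem:/{print $2}'; }

# Position-based parse: the alternative quoted in the post.
ram_by_row() { printf '%s\n' "$1" | awk 'NR==2{print $2}'; }

# Numeric check in the style of an installer health check.
# An empty value is reported explicitly instead of reaching the
# integer comparison, where it would fail with a missing operand.
check_ram() {
  ram_gb="$1"; min_gb="$2"
  if [ -z "$ram_gb" ]; then echo "unparsed"; return 2; fi
  if [ "$ram_gb" -lt "$min_gb" ]; then echo "too-low"; return 1; fi
  echo "ok"
}

# On a live host, forcing the C locale for this one command keeps the
# English labels without changing the system language.
live_ram_gb() { LC_ALL=C free -g | awk '/^Mem:/{print $2}'; }

# Walk through both samples with a hypothetical 4 GB minimum.
for name in en ko; do
  if [ "$name" = en ]; then out="$sample_en"; else out="$sample_ko"; fi
  label_val=$(ram_by_label "$out")
  row_val=$(ram_by_row "$out")
  result=$(check_ram "$label_val" 4) || true
  echo "$name: by_label='$label_val' by_row='$row_val' check=$result"
done
```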
