OSSIM Image support

Here you can ask EVE-NG team to add new images to the list to play in lab.

Do not ask questions like "where I can get image x or Y" in that forum

Moderator: mike

Post Reply
raskin
Posts: 8
Joined: Fri Apr 09, 2021 10:57 am

OSSIM Image support

Post by raskin » Mon May 10, 2021 6:21 am

Dear All,

Can we have OSSIM Image support in eve-ng which is a open source SIEM.

https://cybersecurity.att.com/products/ossim

Thanks
Raskin

Uldis (UD)
Posts: 3948
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: OSSIM Image support

Post by Uldis (UD) » Mon May 10, 2021 8:47 am

I got success, but it is super heavy image..
Might be I will include in next EVE release.
Installed from ISO
x4 CPU
x8GB RAM
HDA hdd 50Gb
Ethernets: 1-2
NIC E1000
console: VNC and https
Qemu version: 2.12.0
Qemu options: -machine type=pc,accel=kvm -vga virtio -usbdevice tablet -boot order=cd -cpu host
Use EVE Linux template
You do not have the required permissions to view the files attached to this post.

raskin
Posts: 8
Joined: Fri Apr 09, 2021 10:57 am

Re: OSSIM Image support

Post by raskin » Mon May 10, 2021 1:31 pm

Hi Uldis,

Thanks for your guidance. I tried but failed to install the SIEM like you in eve-ng GCP.
SIEM-1.JPG
SIEM-2.JPG

The installation fails to installs the grub finally.

Not sure what to do to fix it.
You do not have the required permissions to view the files attached to this post.

Uldis (UD)
Posts: 3948
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: OSSIM Image support

Post by Uldis (UD) » Mon May 10, 2021 3:06 pm

you did not set qemu option my friend what I mentioned above

-machine type=pc,accel=kvm -vga virtio -usbdevice tablet -boot order=cd -cpu host

raskin
Posts: 8
Joined: Fri Apr 09, 2021 10:57 am

Re: OSSIM Image support

Post by raskin » Mon May 10, 2021 6:03 pm

Hi Uldis,

Thanks for your help as always . I had inputted below qemu option eacy attempt but somehow -cpu host was not getting saved and finally after multiple attempt its getting saved during edit and first error related to CPU and SSSE3 got fixed.

-machine type=pc,accel=kvm -vga virtio -usbdevice tablet -boot order=cd -cpu host

But still the grub error is coming and if i select no option it does not continues anymore and if i select yes finally unable to install at the end. If we omit the grub install and move forward after installation it shows only booting from HDD and does not gets further anymore post finish of installation.
You do not have the required permissions to view the files attached to this post.

raskin
Posts: 8
Joined: Fri Apr 09, 2021 10:57 am

Re: OSSIM Image support

Post by raskin » Mon May 10, 2021 6:30 pm

I am sharing current host settings and boot status
You do not have the required permissions to view the files attached to this post.

Uldis (UD)
Posts: 3948
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: OSSIM Image support

Post by Uldis (UD) » Wed May 12, 2021 7:38 am

show me content of your image folder

Code: Select all

root@eve-ng:/opt/unetlab/addons/qemu/linux-ossim# ls -l
total 745672
-rw-r--r-- 1 root root 763363328 May 10 10:11 cdrom.iso
-rw-r--r-- 1 root root    197632 May 10 10:14 hda.qcow2
root@eve-ng:/opt/unetlab/addons/qemu/linux-ossim# 
the HDD was created with:

Code: Select all

root@eve-ng:/opt/unetlab/addons/qemu/linux-ossim# /opt/qemu/bin/qemu-img create -f qcow2 hda.qcow2 50G

raskin
Posts: 8
Joined: Fri Apr 09, 2021 10:57 am

Re: OSSIM Image support

Post by raskin » Thu May 13, 2021 2:13 pm

Hi Uldis,

i have finally identified the issue. i was following Hdd format as virtioa.qcow2 instead of hda which was resulting to the failure of grub installation properly. Thanks a lot to you for proper guidance to identify the problem.

Thanks
Raskin

Post Reply