execbeat icon indicating copy to clipboard operation
execbeat copied to clipboard

Published 20 hours ago verified publisher icon christiangalsterer

executable file not found in $PATH

Open fermenreq opened this issue 5 years ago • 0 comments

Hi @christiangalsterer

I get an error while running iptables commands using execbeat.

Error Debug

_2019-04-22T10:42:31Z ERR An error occured while executing command: exec: not started
2019-04-22T10:43:31Z ERR An error occured while executing command: exec: "sudo iptables -A INPUT -m statistic --mode random --probability 0.01 -j DROP": executable file not found in $PATH_

Ansible playbook

I used Ansible in order to install excebeat and its deployed in a docker container:

.....
.....
 - name: EXECBEAT - Donwload my package execbeat-3.3.0-amd64
    get_url : 
     url="https://github.com/christiangalsterer/execbeat/releases/download/3.3.0/execbeat-3.3.0-amd64.deb"
     dest="/etc/execbeat/execbeat-3.3.0-amd64.deb"
    when: stat_result.stat.exists == false

  - name: EXECBEAT - Copy custom template execbeat.yml filename
    copy: src=./setup-files/execbeat.yml dest=/etc/execbeat/execbeat.yml

  - name: EXECBEAT - Install execbeat-3.3.0-amd64.deb
    command: dpkg -i /etc/execbeat/execbeat-3.3.0-amd64.deb
.....
.....

Execbeat.yml

# location /etc/filebeat/

# Custom fields
# BEGIN -- Execbeat custom fields configured by Ansible
fields:
  exeusc: "EXECBEAT"
  component: "EIM"
  stream: "##stream-execbeat##"
fields_under_root: true
# END -- Execbeat custom fields configured by Ansible

# Execbeat
# BEGIN -- ############################ Execbeat ############################
execbeat:
  commands:
  - 
    # The command to execute by Execbeat
    command: sudo iptables -A INPUT -m statistic --mode random --probability 0.01 -j DROP
# END -- ############################ Execbeat ############################

logging:
    level: error
    files:
      path: "/tmp/beats/logs"
      name: execbeat_error.log
      rotateeverybytes: 2048
      keepfiles: 7

# Logstash output
# BEGIN -- ############################ Logstash output ############################
output.logstash:
  hosts: ["172.18.0.4:5044"]
# END -- ############################ Logstash output ############################

Could be a possible Go bug ? https://stackoverflow.com/questions/44786643/exec-executable-file-not-found-in-path

Details: Image Linux dcd33f5897c8 4.15.0-47-generic #50~16.04.1-Ubuntu SMP Fri Mar 15 16:06:21 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

Contact: [email protected]

Thanks Fernando -

fermenreq avatar Apr 22 '19 11:04 fermenreq