timesketch icon indicating copy to clipboard operation
timesketch copied to clipboard

Published 20 hours ago verified publisher icon google

Fresh docker-composed installation fails

Open dl8bh opened this issue 2 years ago • 1 comments

Describe the bug When using the deploy_timesketch.sh Skript, creating an investigation results in 404 errors being shown. When trying to upload timelines, the psort-processes crash because of "TypeError: 'NoneType' object is not subscriptable

To Reproduce Steps to reproduce the behavior:

  1. mv /opt/timesketch/ /opt/timesketch_old
  2. cd /opt/; bash ~/deploy_timesketch.sh
  3. start instance, create user
  4. create investigation -> 404
  5. upload timeline -> psort crashes

Expected behavior A working instance of timesketch with the possibility to upload timelines.

Screenshots timesketch_404 index_crash

Desktop (please complete the following information):

  • OS: Ubuntu 20.04

Additional content The copy-pasted log from the screenshot above 2022-03-17 11:16:36,419 [INFO] (MainProcess) PID:34 <data_location> Determined data location: /usr/share/plaso 2022-03-17 11:16:36,671 [INFO] (MainProcess) PID:34 <elastic_ts> Timeline identifier: 2 Traceback (most recent call last): File "/usr/bin/psort.py", line 101, in <module> if not Main(): File "/usr/bin/psort.py", line 74, in Main tool.ProcessStorage() File "/usr/lib/python3/dist-packages/plaso/cli/psort_tool.py", line 522, in ProcessStorage output_engine.ExportEvents( File "/usr/lib/python3/dist-packages/plaso/multi_process/output_engine.py", line 480, in ExportEvents total_number_of_events += stored_session.parsers_counter['total'] TypeError: 'NoneType' object is not subscriptable

dl8bh avatar Mar 17 '22 11:03 dl8bh

Same issue, Centos 3.10(also tried changing vs)

timesketch > sudo docker-compose up -d ERROR: Version in "./docker-compose.yml" is unsupported. You might be seeing this error because you're using the wron g Compose file version. Either specify a supported version (e.g "2.2" or "3.3") and place your service definitions un der the services key, or omit the version key and place your service definitions at the root of the file to use v ersion 1. For more on the Compose file format versions, see https://docs.docker.com/compose/compose-file/

spicy-bear avatar Jul 11 '22 11:07 spicy-bear

I assume that is gone by now since a lot of folks have installed it in the meantime. If the error comes back please re-open

jaegeral avatar Aug 22 '22 19:08 jaegeral