Hi, is there away to start maltrail sensor and server automatically at OS boot? thanks

Jul 16 '17 17:07 rout3rx

hi @rout3rx this is script i am using on centos 7, maltrail location is /opt/maltrail ( eventually you will need to adjust for you )

Setting up the Maltrail server service

echo "Setting up the Maltrail server service" echo "[Unit]" >> /etc/systemd/system/maltrail_server.service echo "Description=Maltrail server service" >> /etc/systemd/system/maltrail_server.service echo "After=network.target elasticsearch.service kibana.service" >> /etc/systemd/system/maltrail_server.service echo "[Service]" >> /etc/systemd/system/maltrail_server.service echo "Type=simple" >> /etc/systemd/system/maltrail_server.service echo "ExecStart=/usr/bin/python /opt/maltrail/server.py" >> /etc/systemd/system/maltrail_server.service echo "Restart=on-failure" >> /etc/systemd/system/maltrail_server.service echo "RestartSec=30" >> /etc/systemd/system/maltrail_server.service echo "StandardOutput=journal" >> /etc/systemd/system/maltrail_server.service echo "[Install]" >> /etc/systemd/system/maltrail_server.service echo "WantedBy=multi-user.target" >> /etc/systemd/system/maltrail_server.service

Setting up the Maltrail sensor service

echo "Setting up the Maltrail sensor service" echo "[Unit]" >> /etc/systemd/system/maltrail_sensor.service echo "Description=Maltrail sensor service" >> /etc/systemd/system/maltrail_sensor.service echo "After=network.target elasticsearch.service kibana.service" >> /etc/systemd/system/maltrail_sensor.service echo "[Service]" >> /etc/systemd/system/maltrail_sensor.service echo "Type=simple" >> /etc/systemd/system/maltrail_sensor.service echo "ExecStart=/usr/bin/python /opt/maltrail/sensor.py" >> /etc/systemd/system/maltrail_sensor.service echo "Restart=on-failure" >> /etc/systemd/system/maltrail_sensor.service echo "RestartSec=30" >> /etc/systemd/system/maltrail_sensor.service echo "StandardOutput=journal" >> /etc/systemd/system/maltrail_sensor.service echo "[Install]" >> /etc/systemd/system/maltrail_sensor.service echo "WantedBy=multi-user.target" >> /etc/systemd/system/maltrail_sensor.service

systemctl enable maltrail_sensor.service systemctl enable maltrail_server.service

systemctl start maltrail_server.service systemctl status maltrail_server.service

systemctl start maltrail_sensor.service systemctl status maltrail_sensor.service

Jul 17 '17 13:07 dgrgicevic

thanks a lot for you complete answer. do you have try it on Freebsd also?

Jul 17 '17 14:07 rout3rx

@rout3rx currently, in our production environment we prefer usage of following:

sensor.py (root's cronjob):

# m h  dom mon dow   command
*/1 * * * * /usr/bin/pgrep -f sensor.py || /usr/bin/python /opt/maltrail/sensor.py -c /etc/maltrail.conf

server.py (preferably non-root's user cronjob)

# m h  dom mon dow   command
*/5 * * * * /usr/bin/pgrep -f server.py || /usr/bin/python /opt/maltrail/server.py -c /etc/maltrail.conf

Jul 17 '17 20:07 stamparm

nice, i get everything i have just 2 error : [?] please install 'schedtool' for better CPU scheduling

and second : its not an error but which ports should i to open to see web interface?

Jul 18 '17 07:07 rout3rx

See here.

Jul 19 '17 00:07 Atavic

I'm having some trouble autostarting sensor and server. I have git cloned maltrail to /home/[user]/.maltrail and both run fine via command line. I pointed "server.py", "sensor.py" and "maltrail.conf" to the /home/[user]/.maltrail/ path when in both crontabs.

If I use the /usr/bin/pgrep parameter server and sensor won't start at all. If I don't use it the sensor process seems to start multiplying itself until it uses all the ram and my computer freezes.

Is this just because I'm starting maltrail from my home folder? Just in case, I'm using Xubuntu 18.04

Thanks in advance

Oct 09 '18 21:10 bicodegas

Resolved/Done via:

https://github.com/stamparm/maltrail/blob/master/maltrail-sensor.service https://github.com/stamparm/maltrail/blob/master/maltrail-server.service

Nov 03 '22 23:11 MikhailKasimov