流影安装问题记录

Aggy阿吉

于 2024-08-26 14:25:58 发布

阅读量104

点赞数 1

分类专栏：运维相关文章标签：流影

本文链接：https://blog.csdn.net/m0_37888039/article/details/141561242

版权

运维相关专栏收录该内容

57 篇文章 2 订阅

订阅专栏

tar zxf ly-install-package-v1.1.1.tar.gz

yum install -y net-tools ntpdate boost httpd mariadb-server stunnel rsync MySQL-python sysstat python-setuptools

[root@localhost ~]# vim /etc/yum.repos.d/CentOS-Vault.repo
[root@localhost ~]# vim /etc/yum.repos.d/CentOS-Base.repo
yum clean all ; yum makecache


[root@localhost ly-install-package-v1.1.1]# ./agent_deploy_release.sh
install pf_ring.ko
install libpf_ring
install libppcap
install tcpdump
install tensoflow
install protobuf3
Set up Agent service and data storage directory
no have /data
 Set up a link from the Agent directory to the data directory
Install the Agent main service content
Configure directory access
Install the data collection service
Install Agent main service driver
Check the data collection service dependencies
Check the Agent service dependencies
Configure the language environment as English
Configure time, time zone
Time zone Configured
26 Aug 13:21:33 ntpdate[5764]: adjust time server 84.16.67.12 offset 0.010834 sec
Disable SElinux
Firewall authorizes access
success
Reload firewall policies
success
Configure httpd service
httpd Configured
Start httpd service
httpd Settings boot
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
Configure data collection service onboot
Write periodic task configurations
Create crontab task...
Complete
[root@localhost ly-install-package-v1.1.1]#

[root@localhost ly-install-package-v1.1.1]# cat /etc/rc.local
#!/bin/bash
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
#
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.

touch /var/lock/subsys/local
modprobe  pf_ring
lyprobe -T "%IPV4_SRC_ADDR %IPV4_DST_ADDR %IN_PKTS %IN_BYTES %FIRST_SWITCHED %LAST_SWITCHED %L4_SRC_PORT %L4_DST_PORT %TCP_FLAGS %PROTOCOL %SRC_TOS %DNS_REQ_DOMAIN %DNS_REQ_TYPE %HTTP_URL %HTTP_REQ_METHOD %HTTP_HOST %HTTP_MIME %HTTP_RET_CODE %SRV_TYPE %SRV_NAME %SRV_VERS %DEV_TYPE %DEV_NAME %DEV_VEND %DEV_VERS %OS_TYPE %OS_NAME %OS_VERS %MID_TYPE %MID_NAME %MID_VERS %THREAT_TYPE %THREAT_NAME %THREAT_VERS %ICMP_DATA %ICMP_SEQ_NUM %ICMP_PAYLOAD_LEN %SRV_TIME %DEV_TIME %OS_TIME %MID_TIME %THREAT_TIME" -i ens33 -n 127.0.0.1:9995 -G -e 0 -w 32768 -k 1 -K /data/cap/3
/Agent/bin/nfcapd -w -D -l /data/flow/3 -p 9995
[root@localhost ly-install-package-v1.1.1]#


[root@localhost ly-install-package-v1.1.1]# /bin/sh /etc/rc.local


[root@localhost ly-install-package-v1.1.1]# /bin/sh /etc/rc.local
26/Aug/2024 13:32:37 [nprobe.c:2374] Welcome to lyprobe v.1.0.0 ($Revision: 2212 $) for x86_64-unknown-linux-gnu
26/Aug/2024 13:32:37 [plugin.c:145] Loading plugins from ./plugins ...... Not Found.
26/Aug/2024 13:32:37 [plugin.c:150] Loading plugins from /bin/plugins ...... Loaded.
26/Aug/2024 13:32:37 [servicePlugin.c:766] No pattern found in ./fp-patterns
26/Aug/2024 13:32:37 [servicePlugin.c:763] Load pattern in /bin/plugins/fp-patterns
26/Aug/2024 13:32:37 [servicePlugin.c:505] >load 44 protocol patterns.
26/Aug/2024 13:32:37 [servicePlugin.c:505] >load 15 device patterns.
26/Aug/2024 13:32:37 [servicePlugin.c:505] >load 16 os patterns.
26/Aug/2024 13:32:37 [servicePlugin.c:505] >load 25 midware patterns.
26/Aug/2024 13:32:37 [servicePlugin.c:505] >load 16 threat patterns.
26/Aug/2024 13:32:37 [servicePlugin.c:792] >>Loaded 116 patterns totally.
26/Aug/2024 13:32:37 [plugin.c:585] 4 plugin(s) enabled
26/Aug/2024 13:32:37 [nprobe.c:3564] Capturing packets from interface ens33

[root@localhost ly-install-package-v1.1.1]# ps aux | grep nfcapd
root       6927  0.0  0.0  21348  1192 ?        S    13:32   0:00 /Agent/bin/nfcapd -w -D -l /data/flow/3 -p 9995
root       7005  0.0  0.0 112824   988 pts/0    R+   13:33   0:00 grep --color=auto nfcapd
[root@localhost ly-install-package-v1.1.1]# ps aux | grep lyprobe
root       6920  0.0  0.0 240132  6792 ?        Ssl  13:32   0:00 lyprobe -T %IPV4_SRC_ADDR %IPV4_DST_ADDR %IN_PKTS %IN_BYTES %FIRST_SWITCHED %LAST_SWITCHED %L4_SRC_PORT %L4_DST_PORT %TCP_FLAGS %PROTOCOL %SRC_TOS %DNS_REQ_DOMAIN %DNS_REQ_TYPE %HTTP_URL %HTTP_REQ_METHOD %HTTP_HOST %HTTP_MIME %HTTP_RET_CODE %SRV_TYPE %SRV_NAME %SRV_VERS %DEV_TYPE %DEV_NAME %DEV_VEND %DEV_VERS %OS_TYPE %OS_NAME %OS_VERS %MID_TYPE %MID_NAME %MID_VERS %THREAT_TYPE %THREAT_NAME %THREAT_VERS %ICMP_DATA %ICMP_SEQ_NUM %ICMP_PAYLOAD_LEN %SRV_TIME %DEV_TIME %OS_TIME %MID_TIME %THREAT_TIME -i ens33 -n 127.0.0.1:9995 -G -e 0 -w 32768 -k 1 -K /data/cap/3
root       7032  0.0  0.0 112824   988 pts/0    R+   13:34   0:00 grep --color=auto lyprobe


[root@localhost ly-install-package-v1.1.1]# ./server_deploy_release.sh
Set up Server service and data storage directory
Install the Server main service content
Install Agent main service driver
install protobuf3
check the preprocess service dependencies
Configure the language environment as English
Configure time, time zone
Time zone Configured
26 Aug 13:47:55 ntpdate[8311]: adjust time server 202.112.29.82 offset -0.005185 sec
Disable SElinux
Firewall authorizes access
ERROR:dbus.proxies:Introspect error on :1.205:/org/fedoraproject/FirewallD1/config: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
Error: Connection was disconnected before a reply was received
Reload firewall policies
FirewallD is not running
Configure httpd service
Start httpd service
Configure mariadb service
Start mariadb service
Initialized mariadb

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Enter current password for root (enter for none):
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Enter current password for root (enter for none):
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Enter current password for root (enter for none):
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Enter current password for root (enter for none):
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Sorry, passwords do not match.

New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n
 ... skipping.

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
Check database
Enter password:
create database server
Enter password:
Import data into database
Enter password:
Please enter your maridb database password:
admin@1234
Set httpd,mariadb service onboot
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
Write periodic task configurations
Create crontab task...
Complete

root admin@123
admin admin
root admin@1234

VM镜像使用说明 
虚拟机安装后，

虚拟机用户名：root，密码：ShyLiuying
流影web端默认使用18080端口，访问地址及默认账号：

访问地址：http://ip:18080/ui
登录管理员账号：admin，密码：LoginLY@2016
制作VMware镜像的软件是macOS下的VMware Fusion 10.1。虚拟机镜像在各个平台的版本对应关系：

对应 Windows 下的VMware Workstation 14
对应服务器软件是VMware vSphere 6.5
推荐使用对应版本（或更高版本）虚拟机软件平台加载镜像，以兼容运行。