Siem v4.4.3 (Rev. 40409) Installation Script - https://www.siem.com
You are about to start the installation process of Siem.
You must have a C compiler pre-installed in your system.
- System: Linux siem 5.4.0-65-generic (ubuntu 20.04)
- User: root
- Host: siem
-- Press ENTER to continue or Ctrl-C to abort. --
- You already have Siem installed. Do you want to update it? (y/n): y
- Installation will be made at /var/ossec .
4- Installing the system
DIR="/var/ossec"
- Running the Makefile
make siem-maild - siem-csyslogd - siem-agentlessd - siem-execd -
siem-logcollector - siem-remoted siem-agentd manage_agents utils
active-responses siem-syscheckd siem-monitord siem-reportd siem-authd
siem-analysisd siem-logtest-legacy siem-dbd - siem-integratord
siem-modulesd siem-db build_sysinfo build_shared_modules build_syscollector
make[1]: Entering directory '/root/siem-4.4.3/src'
make[1]: 'siem-maild' is up to date.
make[1]: 'siem-csyslogd' is up to date.
make[1]: 'siem-agentlessd' is up to date.
make[1]: 'siem-execd' is up to date.
make[1]: 'siem-logcollector' is up to date.
make[1]: 'siem-remoted' is up to date.
make[1]: 'siem-agentd' is up to date.
make[1]: 'manage_agents' is up to date.
make[1]: Nothing to be done for 'utils'.
make[1]: Nothing to be done for 'active-responses'.
make[1]: 'siem-syscheckd' is up to date.
make[1]: 'siem-monitord' is up to date.
make[1]: 'siem-reportd' is up to date.
make[1]: 'siem-authd' is up to date.
make[1]: 'siem-analysisd' is up to date.
make[1]: 'siem-logtest-legacy' is up to date.
make[1]: 'siem-dbd' is up to date.
make[1]: 'siem-integratord' is up to date.
make[1]: 'siem-modulesd' is up to date.
make[1]: 'siem-db' is up to date.
cd data_provider/ && mkdir -p build && cd build && cmake .. && make
cd shared_modules/dbsync/ && mkdir -p build && cd build && cmake .. &&
make
-- Configuring done
-- Configuring done
-- Generating done
-- Generating done
-- Build files have been written to:
/root/siem-4.4.3/src/data_provider/build
-- Build files have been written to:
/root/siem-4.4.3/src/shared_modules/dbsync/build
make[2]: Entering directory '/root/siem-4.4.3/src/data_provider/build'
make[2]: Entering directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
make[3]: Entering directory '/root/siem-4.4.3/src/data_provider/build'
make[3]: Entering directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
make[4]: Entering directory '/root/siem-4.4.3/src/data_provider/build'
make[4]: Entering directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
make[4]: Leaving directory '/root/siem-4.4.3/src/data_provider/build'
make[4]: Leaving directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
[ 84%] Built target sysinfo
[ 60%] Built target dbsync
make[4]: Entering directory '/root/siem-4.4.3/src/data_provider/build'
make[4]: Entering directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
make[4]: Entering directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
make[4]: Leaving directory '/root/siem-4.4.3/src/data_provider/build'
make[4]: Leaving directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
make[4]: Leaving directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
[ 80%] Built target dbsync_example
[100%] Built target dbsync_test_tool
[100%] Built target sysinfo_test_tool
make[3]: Leaving directory '/root/siem-4.4.3/src/data_provider/build'
make[3]: Leaving directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
make[2]: Leaving directory '/root/siem-4.4.3/src/data_provider/build'
make[2]: Leaving directory
'/root/siem-4.4.3/src/shared_modules/dbsync/build'
cd shared_modules/rsync/ && mkdir -p build && cd build && cmake .. &&
make
-- Configuring done
-- Generating done
-- Build files have been written to:
/root/siem-4.4.3/src/shared_modules/rsync/build
make[2]: Entering directory
'/root/siem-4.4.3/src/shared_modules/rsync/build'
make[3]: Entering directory
'/root/siem-4.4.3/src/shared_modules/rsync/build'
make[4]: Entering directory
'/root/siem-4.4.3/src/shared_modules/rsync/build'
make[4]: Leaving directory '/root/siem-4.4.3/src/shared_modules/rsync/build'
[ 37%] Built target rsync
make[4]: Entering directory
'/root/siem-4.4.3/src/shared_modules/rsync/build'
make[4]: Leaving directory '/root/siem-4.4.3/src/shared_modules/rsync/build'
[100%] Built target rsync_test_tool
make[3]: Leaving directory '/root/siem-4.4.3/src/shared_modules/rsync/build'
make[2]: Leaving directory '/root/siem-4.4.3/src/shared_modules/rsync/build'
cd siem_modules/syscollector/ && mkdir -p build && cd build && cmake ..
&& make
-- Configuring done
-- Generating done
-- Build files have been written to:
/root/siem-4.4.3/src/siem_modules/syscollector/build
make[2]: Entering directory
'/root/siem-4.4.3/src/siem_modules/syscollector/build'
make[3]: Entering directory
'/root/siem-4.4.3/src/siem_modules/syscollector/build'
make[4]: Entering directory
'/root/siem-4.4.3/src/siem_modules/syscollector/build'
make[4]: Leaving directory
'/root/siem-4.4.3/src/siem_modules/syscollector/build'
[ 66%] Built target syscollector
make[4]: Entering directory
'/root/siem-4.4.3/src/siem_modules/syscollector/build'
make[4]: Leaving directory
'/root/siem-4.4.3/src/siem_modules/syscollector/build'
[100%] Built target syscollector_test_tool
make[3]: Leaving directory
'/root/siem-4.4.3/src/siem_modules/syscollector/build'
make[2]: Leaving directory
'/root/siem-4.4.3/src/siem_modules/syscollector/build'
make[1]: Leaving directory '/root/siem-4.4.3/src'
make settings
make[1]: Entering directory '/root/siem-4.4.3/src'
General settings:
TARGET: server
V:
DEBUG:
DEBUGAD
INSTALLDIR: /var/ossec
DATABASE:
ONEWAY: no
CLEANFULL: no
RESOURCES_URL: https://packages.siem.com/deps/20
EXTERNAL_SRC_ONLY:
User settings:
SIEM_GROUP: siem
SIEM_USER: siem
USE settings:
USE_ZEROMQ: no
USE_GEOIP: no
USE_PRELUDE: no
USE_INOTIFY: no
USE_BIG_ENDIAN: no
USE_SELINUX: no
USE_AUDIT: yes
DISABLE_SYSC: no
DISABLE_CISCAT: no
IMAGE_TRUST_CHECKS: 1
CA_NAME: DigiCert High Assurance EV Root CA
Mysql settings:
includes:
libs:
Pgsql settings:
includes:
libs:
Defines:
-DOSSECHIDS -DUSER="siem" -DGROUPGLOBAL="siem" -DLinux
-DINOTIFY_ENABLED -D_XOPEN_SOURCE=600 -D_GNU_SOURCE -DIMAGE_TRUST_CHECKS=1
-DCA_NAME='DigiCert High Assurance EV Root CA' -DENABLE_SYSC
-DENABLE_CISCAT -DENABLE_AUDIT
Compiler:
CFLAGS -pthread -Iexternal/libdb/build_unix/
-Iexternal/pacman/lib/libalpm/ -Iexternal/libarchive/libarchive
-Wl,--start-group -Iexternal/audit-userspace/lib -DNDEBUG -O2 -DOSSECHIDS
-DUSER="siem" -DGROUPGLOBAL="siem" -DLinux -DINOTIFY_ENABLED
-D_XOPEN_SOURCE=600 -D_GNU_SOURCE -DIMAGE_TRUST_CHECKS=1
-DCA_NAME='DigiCert High Assurance EV Root CA' -DENABLE_SYSC
-DENABLE_CISCAT -DENABLE_AUDIT -pipe -Wall -Wextra -std=gnu99 -I./
-I./headers/ -Iexternal/openssl/include -Iexternal/cJSON/
-Iexternal/libyaml/include -Iexternal/curl/include
-Iexternal/msgpack/include -Iexternal/bzip2/ -Ishared_modules/common
-Ishared_modules/dbsync/include -Ishared_modules/rsync/include
-Isiem_modules/syscollector/include -Idata_provider/include
-Iexternal/libpcre2/include -Iexternal/rpm//builddir/output/include
LDFLAGS '-Wl,-rpath,/../lib' -pthread -lrt -ldl -O2
-Lshared_modules/dbsync/build/lib -Lshared_modules/rsync/build/lib
-Lsiem_modules/syscollector/build/lib -Ldata_provider/build/lib
LIBS -lrt -ldl -lm
CC gcc
MAKE make
make[1]: Leaving directory '/root/siem-4.4.3/src'
Done building server
Stopping Siem...
server
Wait for success...
success
Removing old SCA policies...
Installing SCA policies...
Installing additional SCA policies...
mkdir -p /var/ossec/framework/python
cp external/cpython.tar.gz /var/ossec/framework/python/cpython.tar.gz &&
tar -xf /var/ossec/framework/python/cpython.tar.gz -C
/var/ossec/framework/python && rm -rf
/var/ossec/framework/python/cpython.tar.gz
find /var/ossec/framework/python -name "*libpython3.9.so.1.0" -exec ln -f
{} /var/ossec/lib/libpython3.9.so.1.0 \;
cd ../framework && /var/ossec/framework/python/bin/python3 setup.py clean
--all install --prefix=/var/ossec/framework/python --siem-version=v4.4.3
--install-type=server
Segmentation fault (core dumped)
make: *** [Makefile:2238: install_framework] Error 139
Wait for success...
success
Searching for deprecated rules and decoders...
Starting Siem...
Job for siem-manager.service failed because the control process exited with
error code.
See "systemctl status siem-manager.service" and "journalctl -xe" for
details.
- Configuration finished properly.
- To start Siem:
/var/ossec/bin/siem-control start
- To stop Siem:
/var/ossec/bin/siem-control stop
- The configuration can be viewed or modified at /var/ossec/etc/ossec.conf
Thanks for using Siem.
Please don't hesitate to contact us if you need help or find
any bugs.
Use our public Mailing List at:
https://groups.google.com/forum/#!forum/siem
More information can be found at:
- http://www.siem.com
--- Press ENTER to finish (maybe more information below). ---
- Update completed.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ossec-list/da282269-01c9-48e1-bfb2-566c45060f0fn%40googlegroups.com.
