encore.sh foreground error #5
Comments
Hi @tklose, Were you able to fix this? Regards
This was not resolved.
We tried modifying the config file, rolling it back, and editing our syslog
server setting.
Every time you use the encore.sh Foreground command it will always throw
an error.
However, we are receiving the logs at the Azure Sentinel....
We are not using any outputter setting, although we tried.
On Tue, Sep 27, 2022 at 3:15 PM rraj1996 ***@***.***> wrote:
Hi @tklose <https://github.com/tklose> ,
Were you able to fix this?
Regards
If you're using the Python3 branch, see below my notes. This is from Cisco TAC after I had a call with them today:
Well, after much ado with Cisco TAC - I had a call with their devs today. Finally I now understand why things weren't working for me at least - and I'm hoping this is the fix for you guys as well.
Basically, Cisco's been updating the main repo, not the python3 branch. The main repo is now using python3 (and not python2 as was expected). The main branch works after I reinstalled it and ran it in the foreground. Going to do more testing, but data is flowing now.
Cisco stated they would be updating this repo and removing the python3 branch entirely to avoid confusion.
Thank you Craig, for the information.
On Fri, Dec 2, 2022 at 2:27 AM Craig ***@***.***> wrote:
If you're using the Python3 branch, see below my notes. This is from Cisco
TAC after I had a call with them today:
Well, after much ado with Cisco TAC - I had a call with their devs today.
Finally I now understand why things weren't working for me at least - and
I'm hoping this is the fix for you guys as well.
Basically, Cisco's been updating the main repo, not the python3 branch.
The main repo is now using python3 (and not python2 as was expected). The
main branch works after I reinstalled it and ran it in the foreground.
Going to do more testing, but data is flowing now.
Cisco stated they would be updating this repo and removing the python3
branch entirely to avoid confusion.
After successful encore.sh test, I am seeing this error with the encore.sh foreground command.
I tried stopping the encore to reset the PID file but it still occurs.
It seems that data is being received at Azure Sentinel.
I did not set an outputter setting, as that seemed to break things more.
How do I resolve this?
  File "./estreamer/service.py", line 180, in main
    self.start( reprocessPkcs12 = args.pkcs12 )
  File "./estreamer/service.py", line 140, in start
    pidFile.create()
  File "/home/username/fp-05-microsoft-sentinel-connector/estreamer/pidfile.py", line 38, in create
    raise estreamer.EncoreException('PID file already exists')
estreamer.exception.EncoreException: PID file already exists
  File "./estreamer/service.py", line 198, in <module>
    Service().main()
  File "./estreamer/service.py", line 184, in main
    self.logger.error(ex)
  File "/home/username/fp-05-microsoft-sentinel-connector/estreamer/crossprocesslogging/baseClient.py", line 100, in error
    self.log(logging.ERROR, data)
  File "/home//username/fp-05-microsoft-sentinel-connector/estreamer/crossprocesslogging/baseClient.py", line 69, in log
    data = self.__serialise( data )
  File "/home//username/fp-05-microsoft-sentinel-connector/estreamer/crossprocesslogging/baseClient.py", line 35, in __serialise
    message = data.__class__.__name__ + ': ' + data.message
AttributeError: 'EncoreException' object has no attribute 'message'
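The second traceback above is a logging failure raised while handling the first: Python 3 exceptions have no `.message` attribute, so the `AttributeError` hides the real "PID file already exists" error. The sketch below is an added example, not code from the issue or from the connector; `EncoreException` here is a constructed stand-in and `serialise_safe` is a hypothetical replacement for the expression on line 35 of baseClient.py.

```python
# Added example: stand-in classes, not the connector's own code.

class EncoreException(Exception):
    """Constructed stand-in for estreamer.EncoreException."""


def serialise_legacy(data):
    # Same expression as baseClient.py line 35 in the traceback.
    # BaseException.message does not exist in Python 3, so this raises
    # AttributeError for any exception object passed to the logger.
    return data.__class__.__name__ + ': ' + data.message


def serialise_safe(data):
    # Hypothetical replacement: str(exc) works on Python 2 and Python 3.
    if isinstance(data, BaseException):
        return data.__class__.__name__ + ': ' + str(data)
    return str(data)


def log_error(serialise):
    """Mimic service.main(): raise the PID error, then try to log it."""
    try:
        raise EncoreException('PID file already exists')
    except EncoreException as ex:
        return serialise(ex)


def root_cause_of_masked_error():
    """Show that the AttributeError hides, but still carries, the real error."""
    try:
        log_error(serialise_legacy)
    except AttributeError as masking:
        # Python 3 keeps the exception that was being handled in __context__.
        return type(masking).__name__, serialise_safe(masking.__context__)
    return None


if __name__ == '__main__':
    print(root_cause_of_masked_error())
    print(log_error(serialise_safe))
```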