-
-
Notifications
You must be signed in to change notification settings - Fork 30
Zeek container start errors #33
Comments
Hello, I tried to get your image directly on Docker hub but I still have the same problem, thanks for your help. docker-compose -f docker-compose.elastic.yml up zeek Pulling zeek (blacktop/zeek:latest)... |
Hello,
Thank you for your work but after following your explanation for the deployment of Zeek by the docker-compose file I have the Zeek container that starts and stops after errors, here below the log of the Zeek container.
Thanks for your help.
$ git clone --depth 1 https://github.com/blacktop/docker-zeek.git
$ cd docker-zeek
$ docker-compose -f docker-compose.elastic.yml up -d kibana
wait a few minutes for "kibana" to start
$ docker-compose -f docker-compose.elastic.yml up -d filebeat
$ docker-compose -f docker-compose.elastic.yml up zeek
wait a little while for filebeat to consume all the logs
$ open http://localhost:5601/app/kibana
zeek_1
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 39: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 39: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 39: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 49: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 49: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 49: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 39: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 39: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 39: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 49: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 49: no such index (Notice::tmp_notice_storage[Notice::uid])
1295981840.989753 expression error in /usr/local/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek, line 39: no such index (Notice::tmp_notice_storage[Notice::uid])
The text was updated successfully, but these errors were encountered: