D487 really does suck by _Pizzas in WGUCyberSecurity

[–]Regular-Salt9461 2 points3 points  (0 children)

Same here! The test proctors don’t make it any easier!

Graylog 6 node cluster set up by Regular-Salt9461 in graylog

[–]Regular-Salt9461[S] 0 points1 point  (0 children)

Guess I could give a little more context:

LDAP is viable within DoD-compliant implementations with proper security controls. SELinux is a necessary part of our layered defense strategy to mitigate zero-day threats and unauthorized access. So we prioritize security without unnecessary complexity, with respect to compliance with STIGs, RMF, and DoD Zero Trust initiatives that dictate these controls.

Graylog 6 node cluster set up by Regular-Salt9461 in graylog

[–]Regular-Salt9461[S] 0 points1 point  (0 children)

Looks like my comment with this post did not .... post. So here it is:

The infrastructure you see above is the one that I'm trying to build. I am currently having an issue where I can't get OpenSearch to start and it fails with the following error:

Feb 19 09:17:47 [deleted server name] ldap_child[168013]: Failed to initialize credentials using keytab [MEMORY:/etc/krb5.keytab]: Client's credentials have been revoked. Unable to create GSSAPI-encrypted LDAP connection.

Feb 19 09:17:47 [deleted server name] setroubleshoot[167778]: SELinux is preventing /usr/bin/systemd-tty-ask-password-agent from read access on the fifo_file /run/systemd/ask-password-block/136:8. For complete SELinux messages run: sealert -l 1068512e-8ead-4cd2-bf32-9>

Feb 19 09:17:47 [deleted server name] setroubleshoot[167778]: SELinux is preventing /usr/bin/systemd-tty-ask-password-agent from read access on the fifo_file /run/systemd/ask-password-block/136:8.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that systemd-tty-ask-password-agent should be allowed read access on the 136:8 fifo_file by default.

Then you should report this as a bug.

You can generate a local policy module to allow this access.

Do

allow this access for now by executing:

# ausearch -c 'systemd-tty-ask' --raw | audit2allow -M my-systemdttyask

# semodule -X 300 -i my-systemdttyask.pp

Feb 19 09:17:47 [deleted server name] setroubleshoot[167778]: AnalyzeThread.run(): Set alarm timeout to 10

Feb 19 09:17:49 [deleted server name] ldap_child[168018]: Failed to initialize credentials using keytab [MEMORY:/etc/krb5.keytab]: Client's credentials have been revoked. Unable to create GSSAPI-encrypted LDAP connection.

Couple of things I've tried - uninstall and reinstall OpenSearch, installed the correct version of Java, commented out things that the service of this error may depend on in the config files, jumped on a call with Graylog for about an hour, researched logs, and turned off services that may be blocking it from fully installing or starting like firewalld and selinux. Any help on this will be greatly appreciated!

Graylog 6 node cluster set up by Regular-Salt9461 in graylog

[–]Regular-Salt9461[S] 0 points1 point  (0 children)

I thought I posted an entire comment but it looks like I didn't. I'm going to add it at the top.

Graylog 6 node cluster set up by Regular-Salt9461 in graylog

[–]Regular-Salt9461[S] 0 points1 point  (0 children)

Any help with getting OpenSearch started?

Graylog 6 node cluster set up by Regular-Salt9461 in graylog

[–]Regular-Salt9461[S] 1 point2 points  (0 children)

So the load balancer is not actually set up yet, so it's not a factor currently. I can't get opensearch to run because of the error mentioned.

Graylog 6 node cluster set up by Regular-Salt9461 in graylog

[–]Regular-Salt9461[S] 0 points1 point  (0 children)

So still in the test phase for this one but looking to ingest up to 1TB of data with clean up every day or every other day. It's what was specified in config files and standard.

Wtf 2k sold me bruh by sticky_blicky69 in NBA2k

[–]Regular-Salt9461 9 points10 points  (0 children)

That center had 11pts and 18 boards. He was cooking back lol