Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

'Failed to connect to database: no reachable servers' using official docker image #796

Open
HeroS3c-new opened this issue Apr 21, 2023 · 2 comments
Open

'Failed to connect to database: no reachable servers' using official docker image #796

HeroS3c-new opened this issue Apr 21, 2023 · 2 comments

Comments

@HeroS3c-new
Copy link

HeroS3c-new commented Apr 21, 2023
edited

I get this error: Failed to connect to database: no reachable servers when using the official docker hub image.
command: docker run quay.io/activecm/rita import pcap_to_log

pcap_to_log is a folder that contains all log files generated from a pcap using zeek.

output of ls -l pcap_to_log:

-rw-r--r-- 1 loris loris 280 Apr 15 15:57 capture_loss.log
-rw-r--r-- 1 loris loris 2044 Apr 15 15:57 conn.2023-04-13-14-27-52.log
-rw-r--r-- 1 loris loris 733 Apr 15 15:57 conn.log
-rw-r--r-- 1 loris loris 1118 Apr 15 15:57 dns.2023-04-13-14-27-47.log
-rw-r--r-- 1 loris loris 4063 Apr 15 15:57 files.2023-04-13-14-27-47.log
-rw-r--r-- 1 loris loris 2843 Apr 15 15:57 http.2023-04-13-14-27-47.log
-rw-r--r-- 1 loris loris 28021 Apr 15 15:57 loaded_scripts.2023-04-13-14-27-47.log
-rw-r--r-- 1 loris loris 254 Apr 15 15:57 packet_filter.2023-04-13-14-27-47.log
-rw-r--r-- 1 loris loris 707 Apr 15 15:57 stats.2023-04-13-14-27-47.log
-rw-r--r-- 1 loris loris 719 Apr 15 15:57 stats.log
-rw-r--r-- 1 loris loris 1157 Apr 15 15:57 telemetry.2023-04-13-14-27-47.log
-rw-r--r-- 1 loris loris 1157 Apr 15 15:57 telemetry.log

I'm on Manjaro (Linux loris-laptop 5.15.106-1-MANJARO #1 SMP PREEMPT Wed Apr 5 09:58:14 UTC 2023 x86_64 GNU/Linux)
@HeroS3c-new HeroS3c-new changed the title Failed to connect to database: no reachable servers Failed to connect to database: no reachable servers using official docker image Apr 21, 2023
@HeroS3c-new HeroS3c-new changed the title Failed to connect to database: no reachable servers using official docker image 'Failed to connect to database: no reachable servers' using official docker image Apr 21, 2023
@Zalgo2462
Copy link
Contributor

Hello, please check out https://github.com/activecm/rita/blob/master/docs/Docker%20Usage.md

We recommend using docker compose in order to easily link together RITA and MongoDB.

You will first need a copy of the RITA configuration file. A copy can be found at https://raw.githubusercontent.com/activecm/rita/master/etc/rita.yaml

Next, edit that configuration file to ensure the internal subnets match your own. (See these lines) If you are using standard RFC1918 internal subnets, you may skip this step.

Then, grab a copy of the docker-compose file at https://raw.githubusercontent.com/activecm/rita/master/docker-compose.yml

Finally, run the following in the directory with the docker-compose.yml file:

export CONIFG=/path/to/your/rita/config.yaml
export LOGS=/path/to/pcap_to_log
docker compose run --rm rita import /logs dataset-name

That should kick off an import. From there, you can interrogate the data with commands like

docker compose run --rm rita show-beacons -H dataset-name

@Nissen96
Copy link

Nissen96 commented Oct 5, 2023

This does not work on my Kubuntu installation, I get Failed to connect to database: no reachable servers:

docker compose run --rm rita import /logs hunt
[+] Running 10/10
 ✔ db 9 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                  89.9s
   ✔ 41af1b5f0f51 Pull complete                                                      20.8s
   ✔ 827435b23065 Pull complete                                                       2.5s 
   ✔ 0fcd25440a99 Pull complete                                                      21.5s
   ✔ 470027a21f64 Pull complete                                                      10.2s
   ✔ 56445177dcba Pull complete                                                      11.8s
   ✔ 94c14c6528a6 Pull complete                                                      12.9s
   ✔ 639a84cbfe37 Pull complete                                                      14.1s
   ✔ 300a296c539e Pull complete                                                      83.2s
   ✔ 5d03d7302312 Pull complete                                                      19.5s
[+] Creating 2/2
 ✔ Volume "train_db"     Created                                                      0.0s
 ✔ Container train-db-1  Created                                                      0.1s
[+] Running 1/1
 ✔ Container train-db-1  Started                                                      0.7s
[+] Running 3/3
 ✔ rita 2 layers [⣿⣿]      0B/0B      Pulled                                          7.7s
   ✔ 8f2b33455d22 Pull complete                                                       1.1s
   ✔ dc3464d53a27 Pull complete                                                       4.4s
Failed to connect to database: no reachable servers

I have Docker version 24.0.5, and I have followed all the steps you provided (fetching config file and docker-compose.yml setting env vars with export). The default internal subnets should be fine for me.
I am using Ubuntu 23.04 (lunar) with kernel 6.2.0-33-genericand got the same issue running it without docker with a local mongodb, but I assumed it would work out of the box with Docker when fetching the correct mongo image.

Any idea what goes wrong here?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Zalgo2462 @Nissen96 @HeroS3c-new