Failed to connect osquery from Windows Server to Kolide Fleet - osquery

I am trying to connect osquery on Windows Server to Kolide Fleet. The osqueryd service was created successfully, but nothing appears on my Kolide Fleet dashboard.
I created the service through:
sc.exe create osqueryd type= own start= auto error= normal binpath= "C:\Program Files\osquery\osqueryd\osqueryd.exe --flagfile=\Program Files\osquery\osquery.flags" displayname= 'osqueryd'
sc.exe start osqueryd
My osquery.flags
--enroll_secret_path="C:\Users\xxx\Desktop\Secret\enroll_secret.txt"
--tls_server_certs="C:\Users\xxx\Desktop\Secret\certiticate.cer"
--tls_hostname=127.0.0.1:8080
--host_identifier=uuid
--enroll_tls_endpoint=/api/v1/osquery/enroll
--config_plugin=tls
--config_tls_endpoint=/api/v1/osquery/config
--config_refresh=10
--disable_distributed=false
--distributed_plugin=tls
--distributed_interval=3
--distributed_tls_max_attempts=3
--distributed_tls_read_endpoint=/api/v1/osquery/distributed/read
--distributed_tls_write_endpoint=/api/v1/osquery/distributed/write
--logger_plugin=tls
--logger_tls_endpoint=/api/v1/osquery/log
--logger_tls_period=10
I have no idea how to change the flags to suit a Windows service.

The best way to debug this kind of issue is to test out your configuration by running osqueryd manually, rather than as a service. This will let you see the logs and get your settings correct before setting up the service.
You'll want to use the following command in PowerShell:
& 'C:\Program Files\osquery\osqueryd\osqueryd.exe' --flagfile='\Program Files\osquery\osquery.flags'
Now that you can see the output from osqueryd, you may be able to determine the issue. If not, add the --verbose --tls_dump flags and you will have further output to work with:
& 'C:\Program Files\osquery\osqueryd\osqueryd.exe' --flagfile='\Program Files\osquery\osquery.flags' --verbose --tls_dump
Use this to debug your issue, setting the flagfile appropriately. Once you have done so, you should be able to start up the service using the same flagfile and have it connect successfully.
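A pre-flight check to run before the foreground test described in the answer above. It is an added example, not part of the original answer or of osquery itself: it parses the flagfile, confirms that the files the flags point to exist and that each TLS plugin has its endpoint, and tests that the --tls_hostname host and port accept a TCP connection. The function name Test-OsqueryFlagfile is hypothetical, and the paths are the ones from the question.

```powershell
# Added example, not from the original answer. Test-OsqueryFlagfile is a hypothetical helper.
function Test-OsqueryFlagfile {
    param([string]$Path = 'C:\Program Files\osquery\osquery.flags')
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return @("Flagfile not found: $Path") }

    # Parse "--name=value" lines into a table, stripping surrounding quotes from the value.
    $flags = @{}
    foreach ($line in Get-Content -LiteralPath $Path) {
        if ($line -match '^\s*--(?<name>\w+)=(?<value>.*)$') {
            $flags[$Matches['name']] = $Matches['value'].Trim().Trim('"', "'")
        }
    }
    $problems = @()
    # Files osqueryd must be able to read (check as the account the service will run under).
    foreach ($name in 'enroll_secret_path', 'tls_server_certs') {
        if (-not $flags.ContainsKey($name)) {
            $problems += "--$name is not set"
        } elseif (-not (Test-Path -LiteralPath $flags[$name] -PathType Leaf)) {
            $problems += "--$name points to a missing file: $($flags[$name])"
        }
    }

    # Every plugin set to "tls" needs its endpoint flag.
    $endpointFor = @{ config_plugin = 'config_tls_endpoint'; logger_plugin = 'logger_tls_endpoint' }
    foreach ($plugin in $endpointFor.Keys) {
        if ($flags[$plugin] -eq 'tls' -and -not $flags[$endpointFor[$plugin]]) {
            $problems += "--$plugin=tls but --$($endpointFor[$plugin]) is not set"
        }
    }

    # --tls_hostname is host:port here; confirm something accepts TCP connections there.
    if ($flags['tls_hostname'] -match '^(?<h>[^:]+):(?<p>\d+)$') {
        $h = $Matches['h']; $p = [int]$Matches['p']
        $tcp = Test-NetConnection -ComputerName $h -Port $p -WarningAction SilentlyContinue
        if (-not $tcp.TcpTestSucceeded) { $problems += "No listener at ${h}:$p" }
    } else {
        $problems += '--tls_hostname should be host:port for this check'
    }
    return $problems
}

$flagfile = 'C:\Program Files\osquery\osquery.flags'
$problems = @(Test-OsqueryFlagfile -Path $flagfile)
if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
} else {
    # Same foreground run the answer recommends, with verbose TLS output.
    & 'C:\Program Files\osquery\osqueryd\osqueryd.exe' "--flagfile=$flagfile" --verbose --tls_dump
}
```

Keep --verbose and --tls_dump on the command line only: --tls_dump prints the TLS request and response bodies, so it does not belong in the flagfile the service will use.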

Related

TFS Build error - Cannot listen on pipe name 'xxx' because another pipe endpoint is already listening on that name

In TFS, I'm doing a build for my .NET project. I've got an agent configured locally and the build is carried out using that. The error says as follows:
Cannot listen on pipe name 'net.pipe://localhost/taskagent/6/xxxxxx' because another pipe endpoint is already listening on that name.
Not sure what exactly this is. Please help. Attached the error screenshot for reference.
Note: I'm not using any TDD/test process in code
According to the error info, I'm not sure if it's related to the TFS side. I suggest you also manually run the build directly on the build agent.
Since the agent is newly configured, to narrow down whether the error is related to your environment on the build server machine, you could also create a new build definition with a simple project such as hello world and check whether you get the same error. If so, I suggest you delete the agent and reconfigure it following this tutorial: Deploy an agent on Windows
Besides, you could also set system.debug=true to enable verbose debug output for the build to get more detailed error info; please refer to: Enable Verbose Debug Mode for TFS Build vNext

How to run Apache Tomcat 8 in debug mode?

I am trying to run Apache Tomcat 8.0.21 in debug mode.
When I give the command
sh catalina.sh jpda start
it gives this error.
ERROR: Cannot load this JVM TI agent twice, check your java command line for duplicate jdwp options.
Error occurred during initialization of VM
agent library failed to init: jdwp
Can anyone help?
Either
unset CATALINA_OPTS
unset JPDA_ADDRESS
unset JPDA_OPTS
unset JPDA_TRANSPORT
catalina.sh jpda start
Or
# in .bashrc, .profile etc.
export CATALINA_OPTS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8000 -Djava.security.egd=file:/dev/urandom -Denv=dev -Xms1024M -Xmx2048M -XX:PermSize=256M -XX:MaxPermSize=768m"
# At your shell prompt
./startup.sh
Explanation
As Arnab said in the comments, if your shell configuration includes environment variables mentioning jdwp (such as CATALINA_OPTS, JPDA_ADDRESS, JPDA_OPTS), just launch using ./startup.sh as if you were not trying to do remote debugging and the script will pick up the jdwp option from your environment variables.
The launch option syntax catalina.sh jpda start should only be used if you don't have any environment variables that already specified a remote debug port. It's meant to be convenient but if you've previously configured your shell to support java remote debugging you're probably mixing the two alternative approaches.
You can just add an env variable and run Tomcat as usual.
The debug port is 8000 in this case:
export CATALINA_OPTS="-agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=n"
Then run Tomcat:
sh ./catalina.sh start
This happened to me with Eclipse when I tried to add the debugging parameters (-Xdebug -agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=y) so I could suspend Tomcat on start. Unfortunately I then launched my Tomcat (within Eclipse) using the Debug button.
Why this is a problem
When you are launching Tomcat in Debug mode Eclipse itself inserts the debug parameters. When you have your own debug parameters in the launch configuration you are indeed passing them twice.
So if you need to launch Tomcat from within Eclipse and suspend it on start (so you can connect with debugger) you need to:
- add the debugging parameters to the "Arguments -> VM arguments" box of your launch config,
- and then Run this config, not Debug.
This way only the debugging parameters from your launch config are added.
There is an alternative approach, recommended in 'catalina.sh':
"Do not set the variables in this script. Instead put them into a script
setenv.sh in CATALINA_BASE/bin to keep your customizations separate."
For Windows, the file name with environment variables will be 'setenv.bat'.
Thank you mr Dimitar II
Verified this works perfectly and is consumed automatically when running startup.bat
file: setenv.bat
@echo off
rem The proper way to set environment up for running Catalina
set "CATALINA_OPTS=-agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=n"

Redis Server doesn't start or do anything - Redis-64 on Windows

I'm following the steps outlined at this link; however, when I try to start the server nothing happens, nor can I connect to anything from the client. Does anyone know how to run this?
When I try from a command prompt instead of double-clicking redis-server.exe, I get this message:
[11868] 23 Jul 11:58:26.325 # QForkMasterInit: system error caught. error code=0x000005af, message=VirtualAllocEx failed.: unknown error
http://bartwullems.blogspot.ca/2013/07/unofficial-redis-for-windows.html
The easiest way to install Redis is through NuGet:
Open Visual Studio
Create an empty solution so that NuGet knows where to put the packages
Go to the Package Manager Console: Tools –> Library Package Manager –> Package Manager Console
Type Install-Package Redis-64
Go to the Packages folder and browse to the Tools folder. Here you’ll find the Redis-server.exe. Double click on it to start it.
Redis is ready to use and starts listening on a specific port (6379 in my case)
Let’s open up a client and try to put a value into Redis. Start Redis-cli.exe. It already connects to the same port by default.
Add a value by executing following command:
Read the value again:
Try to run with redis-server --maxheap 4000000
Miguel is correct, but it is not that simple. To start redis-server either as a service or from the command prompt, the amount of available RAM and disk space must be sufficient for Redis to run as configured.
Now, if no configuration file is specified when running Redis, it will use the default configuration values. All of this is documented in the redis.windows.conf file as well as in the document "Redis on Windows.docx" (both deployed with the redis installation).
In my experience, errors when starting Redis usually come from lack of available resources (RAM or disk space) or some incorrect configuration of maxheap or maxmemory parameters.
To troubleshoot this kind of behavior, check your system's available resources and try running redis-server from the command line varying the parameters maxmemory, maxheap, and/or heapdir. The loglevel parameter set to verbose might also help diagnosing the issue.
Regards

Start program via ssh in Jenkins and using it in Jenkins build

Hello people.
I'm using Jenkins as CI server and I need to run some performance test using Jmeter. I've setup the plugin and configured my workspace and everything works ok, but I have to do some steps manually and I want a bit more of "automation".
Currently I have some small programs on a remote server. These programs make some specific validations, for instance (just to explain): validating e-mail addresses, phone numbers, etc.
So, before I run the build in Jenkins, I have to manually start the program (file.sh) I want:
I have to use PuTTY (or any other ssh client) to connect to the server and then run, for instance, the command
./email_validation.sh
And the Jmeter test runs in a correct way, and when the test is done I have to manually "shut down" the program I started. But what I want is trying to start the program I need in Jenkins configuration (not manually outside Jenkins, but in "execute shell" or "execute remote shell using ssh" build step).
I have tried to start it, but it gets stuck, because when the Jenkins build finds the command
./email_validation.sh
the build stops, it waits for the command to finish and then it will continue the other build steps, but obviously, I need this step not to finish until the test is executed.
Is there a way to achieve this? Thanks
Run your command as a background process by adding the & symbol at the end of the command and use the nohup command in case the parent process gets a hangup signal, e.g.
nohup /path/to/email_validation.sh &
If the script produces any output, it will go by default to the file nohup.out in the current directory when the script was launched.
You can kill the process at the end of the build by running:
pkill -f email_validation.sh

Unable to start Active MQ on Linux

I am trying to get ActiveMQ server running on a RaspberryPI Debian Squeeze box and all appears to be installed correctly but when I try and start the service I am getting the following...
root@raspberrypi:/var/www/activemq/apache-activemq-5.7.0# bin/activemq
INFO: Loading '/etc/default/activemq'
INFO: Using java '/usr/jre1.7.0_07/bin/java'
/usr/jre1.7.0_07/bin/java: 1: /usr/jre1.7.0_07/bin/java:ELF0
4°: not found
/usr/jre1.7.0_07/bin/java: 2: /usr/jre1.7.0_07/bin/java: Syntax error: "(" unexpected
Tasks provided by the sysv init script:
restart - stop running instance (if there is one), start new instance
console - start broker in foreground, useful for debugging purposes
status - check if activemq process is running
setup - create the specified configuration file for this init script
(see next usage section)
Configuration of this script:
The configuration of this script can be placed on /etc/default/activemq or /root/.activemqrc.
To use additional configurations for running multiple instances on the same operating system
rename or symlink script to a name matching to activemq-instance-<INSTANCENAME>.
This changes the configuration location to /etc/default/activemq-instance-<INSTANCENAME> and
$HOME/.activemqrc-instance-<INSTANCENAME>. Configuration files in /etc have higher precedence.
root@raspberrypi:/var/www/activemq/apache-activemq-5.7.0#
It looks like there is an error somewhere but I am a fairly newbie at this and don't know where to look.
Just adding an answer because, as per the documentation, the command is wrong.
To start ActiveMQ:
Navigate to [installation directory/bin] and run ./activemq start, or simply bin/activemq start
If you want to see it live in a window, use bin/activemq console
To stop, you have to kill the process
The default ActiveMQ "getting started" link sends you here: http://activemq.apache.org/getting-started.html which is the "Getting Started Guide for ActiveMQ 4.x".
If you scroll down the main documentation page, you will find this link with the proper commands:
http://activemq.apache.org/version-5-getting-started.html