GRR Rapid Response: remote live forensics for incident response
It actually looks like the server is failing to start due to a python error: I0919 17:02:24.834474 139862652036928 server_logging.py:186] Writing log file to /usr/share/grr-server/lib/python3.6/site-packages/grr_response_core/var/log//GRRlog.txt Traceback (most recent call last): File "/usr/share/grr-server/bin/grr_console", line 8, in <module> sys.exit(Console()) File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_server/distro_entry.py", line 15, in Console app.run(console.main) File "/usr/share/grr-server/lib/python3.6/site-packages/absl/app.py", line 299, in run _run_main(main, args) File "/usr/share/grr-server/lib/python3.6/site-packages/absl/app.py", line 250, in _run_main sys.exit(main(argv)) File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_server/bin/console.py", line 72, in main server_startup.Init() File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_core/lib/utils.py", line 1329, in _OneTimeFunction _OneTimeFunction.result = fn(args, kwargs) File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_server/server_startup.py", line 88, in Init data_store.InitializeDataStore() File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_server/data_store.py", line 100, in InitializeDataStore REL_DB = db.DatabaseValidationWrapper(cls()) File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_server/databases/mysql.py", line 502, in init _SetupDatabase(self._connect_args) File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_server/databases/mysql.py", line 305, in _SetupDatabase ca_cert_path=ca_cert_path)) as conn: File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_server/databases/mysql.py", line 400, in _Connect _SetSqlMode(cursor) File "/usr/share/grr-server/lib/python3.6/site-packages/grr_response_server/databases/mysql.py", line 154, in _SetSqlMode cursor.execute("SET SESSION sql_mode = %s", [",".join(filtered_components)]) File "/usr/lib/python3/dist-packages/MySQLdb/cursors.py", line 253, in execute self._warning_check() File "/usr/lib/python3/dist-packages/MySQLdb/cursors.py", line 155, in _warning_check warn(self.Warning(w[1:3]), stacklevel=3)
Hey guys I'm trying to look for a specific file extensions through out the environment.
ANy tips on how to use the file finder I keep getting issues
anyone know how can we fix the fleetspeak installation error with exit status 1? tokenize . import sys setup tool with pip2?
hello guys, I don't understand what "interrogation" button does in the interface. is it something like IoC aquisition in fireeye HX?
Do we have any documentation around capacity planning of GRR?
Hello. Myself Gunjan Yadu from IIT ( BHU ), Varanasi. I would like to contribute to GRR Rapid Response and participate in GSOC 2021. I am facing issues in setting up the project https://github.com/google/grr . Please guide me as I am new to open source
I tried to install the GRR server using Nginx. It is installed and shows the status active but I am not able to see anything on the browser. It just says unable to load the page.. any ideas what should I do ??
Hello Everyone! I'm Mittul and I am pursuing master's in CS. I am interested in Modern user interface for YARA memory scans project idea. I want to know more about the tasks and challenges involved in this project.
Can anyone Help?
Hi, I have been playing around with this tool, I would like the ability to push tools to a system, run them and then pull back the results, is this possible? or is there an easy method to build in the functionality?
Is there a way to update the clients version once the server version is update?
Guys I have 2 doubts:
Can we install GRR server as well as the client on the same machine
Is running the GRR client binary file necessary every time we switch on the system
I want to export result to Elasticsearch
buy i cant find out the document about that
May everyone help with the problem?
Tried deploying GRR server, however, when navigating to Management page, I get "Unauthorized", are there any steps to troubleshoot this? Thanks!