
Arkime and Elasticsearch installation, method 3

On a fresh Ubuntu machine

sudo apt upgrade

sudo apt install open-vm-tools-desktop -y

sudo reboot

Then switch the APT mirror

sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak

sudo apt update

sudo nano /etc/apt/sources.list

Replace the file's contents with:

deb https://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse

deb https://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse

deb https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse

# deb https://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse

deb https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse


1. Add the Elasticsearch repository

# Fetch the signing key with TLS verification left on: this key is the trust anchor for every package installed from the repository.
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg

echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list

sudo apt update

sudo apt install elasticsearch

sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch

curl http://localhost:9200

Install Arkime
If you choose to use arkime-4.3.1-1.x86_64, look at other blogs for how to install the .deb or .rpm package.

wget https://s3.amazonaws.com/files.molo.ch/builds/ubuntu-20.04/arkime_3.4.2-1_amd64.deb

apt install ./arkime_3.4.2-1_amd64.deb

/opt/arkime/bin/Configure

Download ipv4-address-space.csv and oui.txt, copy them to /opt/arkime/etc/ and make them readable.

ipv4-address-space.csv download URL: https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.csv

oui.txt download: the manuf file from the GitCode project page "manuf: Parser library for Wireshark's OUI database" (project file preview)

Rename manuf to oui.txt

Then
mv ipv4-address-space.csv /opt/arkime/etc/

mv oui.txt /opt/arkime/etc/

chmod a+r /opt/arkime/etc/oui.txt
chmod a+r /opt/arkime/etc/ipv4-address-space.csv
/opt/arkime/db/db.pl http://localhost:9200 init

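/opt/arkime/bin/arkime_add_user.sh admin "Admin" 1234 --admin

## Username admin, password 1234 (a placeholder: set a strong password on any host that others can reach)

Start the services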
systemctl start arkimecapture.service
systemctl start arkimeviewer.service
systemctl enable arkimecapture.service
systemctl enable arkimeviewer.service

Access the web UI
http://IP:8005
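
The download step above takes oui.txt from a third-party file preview page, where it is easy to save an HTML page instead of the raw manuf file. The script below is an added example, not part of the original post, that checks both lookup files before installing them; the function names, the MIN_ROWS and MIN_OUIS thresholds and the ARKIME_ETC override are assumptions of this sketch.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): validate the downloaded lookup
# files before copying them into /opt/arkime/etc/.
# MIN_ROWS, MIN_OUIS and ARKIME_ETC are assumptions of this sketch.

fail() { echo "$1" >&2; return 1; }

# True when the file is a saved web page rather than the raw data file.
is_html() { head -c 2048 "$1" | grep -qiE '<!doctype html|<html'; }

# IANA registry: header begins "Prefix,Designation,", rows look like "010/8,...".
check_ipv4_csv() {
    local f="$1" rows
    [ -s "$f" ] || fail "$f: missing or empty" || return 1
    ! is_html "$f" || fail "$f: HTML page, not CSV" || return 1
    head -n 1 "$f" | grep -q '^Prefix,Designation,' ||
        fail "$f: unexpected CSV header" || return 1
    rows=$(grep -cE '^[0-9]{3}/8,' "$f" || true)
    [ "$rows" -ge "${MIN_ROWS:-200}" ] || fail "$f: only $rows /8 rows" || return 1
}

# Wireshark manuf: data lines start with a hex OUI such as "00:00:0C<TAB>Cisco".
check_oui() {
    local f="$1" n
    [ -s "$f" ] || fail "$f: missing or empty" || return 1
    ! is_html "$f" || fail "$f: HTML page, not manuf" || return 1
    n=$(grep -cE '^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){2}' "$f" || true)
    [ "$n" -ge "${MIN_OUIS:-1000}" ] || fail "$f: only $n OUI lines" || return 1
}

# Validate both files, then copy them with an explicit 0644 mode
# (owner-writable, world-readable) under the file names used above.
install_lookup() {
    local dest="${ARKIME_ETC:-/opt/arkime/etc}"
    check_ipv4_csv "$1" || return 1
    check_oui "$2" || return 1
    install -m 0644 "$1" "$dest/ipv4-address-space.csv" &&
        install -m 0644 "$2" "$dest/oui.txt"
}
```

After sourcing the script as root, install_lookup ./ipv4-address-space.csv ./manuf replaces the rename, mv and chmod steps and refuses to install either file if one of them fails its check.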

