Updating to OSSIM 4.1.3 causes ossim-agent not to start


On updating OSSIM via the update the ossim-agent starts and then stops. No logs are parsed and both /var/log/ossim/agent.log and /var/log/ossim/agent_error.log are empty or contain old information. Listing the processes shows that the agent is not running.

When the agent is started manually using

/usr/bin/ossim-agent -v 

the following error is logged:

OSError: [Errno 2] No such file or directory: '/etc/ossim/agent/host_cache_pro.dic

Looking in the /etc/ossim/agent directory there is no host_cache_pro.dic file but there is a host_cache.dic.

To fix, rename the host_cache.dic to host_cache.dic.old and restart the ossim-agent.

cd /etc/ossim/agent
mv host_cache.dic host_cache.dic.old
/etc/init.d/ossim-agent restart

The agent should now start and write to the agent.log and start processing.

Advertisements

3 thoughts on “Updating to OSSIM 4.1.3 causes ossim-agent not to start

  1. Anonymous says:

    spent several days troubleshooting this. finally stumbled on your post and got it working. thanks!!

  2. Duane says:

    OSSIM 4.2 sensor stopped working today. I very much appreciate your post.

  3. Damon says:

    Today’s update killed my sensor…Thanks for your post, it did the trick perfectly. Much appreciated sir!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: