Get http://localhost:9200/: EOF

[nakagit]

Output of go version:

go version go1.8.1 darwin/amd64

Output of docker version:

Client:
 Version:      17.04.0-ce
 API version:  1.28
 Go version:   go1.7.5
 Git commit:   4845c56
 Built:        Wed Apr  5 06:06:36 2017
 OS/Arch:      darwin/amd64

Server:
 Version:      17.04.0-ce
 API version:  1.28 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   4845c56
 Built:        Tue Apr  4 00:37:25 2017
 OS/Arch:      linux/amd64
 Experimental: true

Output of docker info:

Containers: 1
 Running: 1
 Paused: 0
 Stopped: 0
Images: 1
Server Version: 17.04.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins: 
 Volume: local
 Network: bridge host ipvlan macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: 
containerd version: 422e31ce907fd9c3833a38d7b8fdd023e5a76e73
runc version: 9c2d8d184e5da67c95d601382adf14862e4f2228
init version: 949e6fa
Security Options:
 seccomp
  Profile: default
Kernel Version: 4.9.19-moby
Operating System: Alpine Linux v3.5
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 5.818GiB
Name: moby
ID: MINV:DBFQ:PTCY:7FAD:ATH7:USVS:X5EF:ZKQR:WRST:WEQ2:3366:PGHM
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
 File Descriptors: 24
 Goroutines: 33
 System Time: 2017-04-08T18:36:35.813942524Z
 EventsListeners: 1
No Proxy: *.local, 169.254/16
Registry: https://index.docker.io/v1/
Experimental: true
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

Additional environment details (AWS, VirtualBox, physical, Docker For Mac, Docker Toolbox, docker-machine, etc.):
Docker for Mac (both Stable and Edge)

Steps to reproduce the issue:

1. Install Docker
2. Run "brew install https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb"
3. Run "malice scan eicar.com"

Describe the results you received:
NAKAnoMac:Documents naka$ malice scan eicar.com
ERRO[0000] ELK is NOT running, starting now...
ERRO[0000] Network malice does not exist, creating now... env=development exisits=false network=malice
INFO[0000] Created Network: malice env=development name=malice
INFO[0000] Created Volume: malice env=development
malice: Pulling from blacktop/elastic-stack
6daefd62341a: Pull complete
1a4b6fdf1cbc: Pull complete
f7f8f9c33278: Pull complete
fafb758ceb1e: Pull complete
fa9c50d99ebd: Pull complete
131e2f46387f: Pull complete
a93ae444a66e: Pull complete
60c40cde4484: Pull complete
951cf1a26798: Pull complete
96500fc9281c: Pull complete
ebbab98cd3d6: Pull complete
8a0a3f1821e1: Pull complete
e0b9a6e91066: Pull complete
ef6d67c6936a: Pull complete
13babcce34b4: Pull complete
ab70c63bac5d: Pull complete
43c221c5bda4: Pull complete
4e71693b9b02: Pull complete
9ea4b19c8600: Pull complete
Digest: sha256:9342541bdead2c9e12988032117395d133e8e20b72c1a1a1583ef9dd3d618fef
Status: Downloaded newer image for blacktop/elastic-stack:malice
NAKAnoMac:Documents naka$ malice scan eicar.com
2017/04/09 03:32:34 Get http://localhost:9200/: EOF

Describe the results you expected:

Additional information you deem important (e.g. issue happens only occasionally):
When I access "http://localhost:9200", the following message were shown.
ERR_EMPTY_RESPONSE

Thanks in advance,
Yukinaka

[blacktop]

I believe this might be related to #39, which is a dumb bug that has been around for too long.

If you try to scan again a second time does it work?

[blacktop]

Also can you tell me what to following displays:

docker container ls

[blacktop]

actually it sounds more like #43 can you try this:

docker rm -f malice-elk

[nakagit]

Thank you for your reply.

1. second time scan didn't work, it shows same error.

2. docker container ls result is here:

NAKAnoMac:Documents naka$ docker container ls

CONTAINER ID        IMAGE                           COMMAND                  CREATED             STATUS              PORTS                                                                     NAMES
2c430746f9ed        blacktop/elastic-stack:malice   "/sbin/tini -- /us..."   4 minutes ago       Up 4 minutes        443/tcp, 0.0.0.0:80->80/tcp, 5601/tcp, 0.0.0.0:9200->9200/tcp, 9300/tcp   malice-elk

3. I executed "docker rm -f malice-elk" and "malice scan eicar.com", the same error message displayed.

Cheers,
Yukinaka

[blacktop]

can you please tell me the output of:

docker logs malice-elk

[nakagit]

2017-04-09 01:29:33,939 CRIT Supervisor running as root (no user in config file)
2017-04-09 01:29:33,944 INFO supervisord started with pid 5
2017-04-09 01:29:34,963 INFO spawned: 'nginx' with pid 8
2017-04-09 01:29:34,966 INFO spawned: 'elasticsearch' with pid 9
2017-04-09 01:29:34,969 INFO spawned: 'logstash' with pid 10
2017-04-09 01:29:34,979 INFO spawned: 'kibana' with pid 11
2017-04-09 01:29:36,057 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:29:36,058 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:29:36,059 INFO success: logstash entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:29:40,496 INFO success: kibana entered RUNNING state, process has stayed up for > than 5 seconds (startsecs)
2017-04-09 01:29:55,466 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 01:29:56,559 INFO spawned: 'elasticsearch' with pid 66
2017-04-09 01:29:57,490 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:30:12,462 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 01:30:13,396 INFO spawned: 'elasticsearch' with pid 139
2017-04-09 01:30:14,748 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:30:29,448 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 01:30:29,534 INFO spawned: 'elasticsearch' with pid 181
2017-04-09 01:30:30,540 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:30:50,385 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 01:30:51,450 INFO spawned: 'elasticsearch' with pid 222
2017-04-09 01:30:52,482 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:31:11,176 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 01:31:11,243 INFO spawned: 'elasticsearch' with pid 263
2017-04-09 01:31:12,246 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:31:35,153 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 01:31:35,262 INFO spawned: 'elasticsearch' with pid 305
2017-04-09 01:31:36,267 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 01:32:06,439 INFO exited: elasticsearch (exit status 1; not expected)
(SNIP)
2017-04-09 08:20:03,714 INFO spawned: 'elasticsearch' with pid 28721
2017-04-09 08:20:04,718 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 08:20:17,258 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 08:20:18,283 INFO spawned: 'elasticsearch' with pid 28762
2017-04-09 08:20:19,285 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

Regards,
Yukinaka

[blacktop]

Now we are getting somewhere:

docker exec malice-elk head -n30 /var/log/elasticsearch.stdout.log

Also how much RAM have you allocated to Docker for Mac?

[nakagit]

Error response from daemon: Container a14e6cbe392eff73685bd7107c0c9bbf741441fe3e325d4dcd7c1a84dce214c0 is not running

RAM was initially 2GB, but I changed to 6GB.

[blacktop]

I'm confused how it could be stopped if you were just getting logs from it? Can you

docker rm -f malice-elk
malice elk
docker exec malice-elk head -n30 /var/log/elasticsearch.stdout.log

[nakagit]

$ docker rm -f malice-elk
malice-elk
$ malice elk
$ docker exec malice-elk head -n30 /var/log/elasticsearch.stdout.log

I can't get any messages as above CLI.

[blacktop]

docker ps -a

[nakagit]

$ docker ps -a
CONTAINER ID        IMAGE                           COMMAND                  CREATED             STATUS              PORTS                                                                     NAMES
72fec55085f3        blacktop/elastic-stack:malice   "/sbin/tini -- /us..."   4 minutes ago       Up 4 minutes        443/tcp, 0.0.0.0:80->80/tcp, 5601/tcp, 0.0.0.0:9200->9200/tcp, 9300/tcp   malice-elk

[blacktop]

So that shows the the container is indeed running now.

is docker logs malice-elk the same?

[nakagit]

$ docker logs malice-elk
2017-04-09 23:48:51,270 CRIT Supervisor running as root (no user in config file)
2017-04-09 23:48:51,275 INFO supervisord started with pid 5
2017-04-09 23:48:52,290 INFO spawned: 'nginx' with pid 8
2017-04-09 23:48:52,293 INFO spawned: 'elasticsearch' with pid 9
2017-04-09 23:48:52,300 INFO spawned: 'logstash' with pid 10
2017-04-09 23:48:52,306 INFO spawned: 'kibana' with pid 11
2017-04-09 23:48:53,610 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 23:48:53,611 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 23:48:53,612 INFO success: logstash entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 23:48:57,621 INFO success: kibana entered RUNNING state, process has stayed up for > than 5 seconds (startsecs)
2017-04-09 23:50:13,795 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 23:50:14,391 INFO spawned: 'elasticsearch' with pid 107
2017-04-09 23:50:15,398 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 23:50:25,448 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 23:50:26,452 INFO spawned: 'elasticsearch' with pid 148
(SNIP)
2017-04-09 23:54:23,155 INFO spawned: 'elasticsearch' with pid 2054
2017-04-09 23:54:24,426 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2017-04-09 23:54:27,632 INFO exited: elasticsearch (exit status 1; not expected)
2017-04-09 23:54:28,433 INFO spawned: 'elasticsearch' with pid 2095
2017-04-09 23:54:29,439 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

[blacktop]

can you try again now that the container is running: docker exec malice-elk head -n30 /var/log/elasticsearch.stdout.log

[nakagit]

$ docker exec malice-elk head -n30 /var/log/elasticsearch.stdout.log
[2017-04-09T23:50:12,630][INFO ][o.e.n.Node               ] [] initializing ...
[2017-04-09T23:50:13,029][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: failed to obtain node locks, tried [[/usr/share/elasticsearch/data/elasticsearch]] with lock id [0]; maybe these locations are not writable or multiple nodes were started without increasing [node.max_local_storage_nodes] (was [1])?
	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:125) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:112) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.cli.SettingCommand.execute(SettingCommand.java:54) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:122) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.cli.Command.main(Command.java:88) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:89) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:82) ~[elasticsearch-5.1.2.jar:5.1.2]
Caused by: java.lang.IllegalStateException: failed to obtain node locks, tried [[/usr/share/elasticsearch/data/elasticsearch]] with lock id [0]; maybe these locations are not writable or multiple nodes were started without increasing [node.max_local_storage_nodes] (was [1])?
	at org.elasticsearch.env.NodeEnvironment.<init>(NodeEnvironment.java:259) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.node.Node.<init>(Node.java:249) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.node.Node.<init>(Node.java:229) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Bootstrap$6.<init>(Bootstrap.java:214) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:214) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:306) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:121) ~[elasticsearch-5.1.2.jar:5.1.2]
	... 6 more
Caused by: java.io.IOException: failed to obtain lock on /usr/share/elasticsearch/data/nodes/0
	at org.elasticsearch.env.NodeEnvironment.<init>(NodeEnvironment.java:238) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.node.Node.<init>(Node.java:249) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.node.Node.<init>(Node.java:229) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Bootstrap$6.<init>(Bootstrap.java:214) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:214) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:306) ~[elasticsearch-5.1.2.jar:5.1.2]
	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:121) ~[elasticsearch-5.1.2.jar:5.1.2]
	... 6 more
Caused by: java.io.IOException: Mount point not found
	at sun.nio.fs.LinuxFileStore.findMountEntry(LinuxFileStore.java:91) ~[?:?]

[blacktop]

sweet mother of god! 😱

so I sometimes see those errors on my laptop, but not my desktop. I think it might be a bug in Docker for Mac?

[blacktop]

I will look into this more and see if I can understand why it can't obtain the lock. I apologize for the inconvenience and thank you for helping me debug this.

[nakagit]

Thank you for finding the problem with me. :)

When this problem will be fixed, I'd like to broadcast this wonderful Malice to my friends and co-workers through SNS (FB, Twitter).

[blacktop]

I have made a lot of tweaks to the way elasticsearch works with malice now can you reinstall and retry?

$ rm -rf ~/.malice
$ brew reinstall https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb

[blacktop]

you might also have to do a malice plugin update --all as I rebuilt a lot of plugins to connect to elasticsearch slightly differently.

[blacktop]

and finally to show the UI you would run malice elk to start the kibana interface.

[nakagit]

Thank you very much, but I'm afraid the same error happened. Elasticsearch is down.

$ malice scan eicar.com
ERRO[0000] ELK is NOT running, starting now...

$ malice scan eicar.com
2017/04/16 20:38:48 Get http://localhost:9200/: EOF

$ docker ps -ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES SIZE
7a90d481aff0 blacktop/elastic-stack:malice "/sbin/tini -- /us..." 2 minutes ago Up 2 minutes 443/tcp, 0.0.0.0:80->80/tcp, 5601/tcp, 0.0.0.0:9200->9200/tcp, 9300/tcp malice-elk 175MB (virtual 690MB)

$ curl http://localhost:9200
curl: (52) Empty reply from server

KInd regards,
YN

[blacktop]

so I am not sure you removed the .malice directory because it should not be using the blacktop/elastic-stack:malice image

please make sure to rm -rf ~/.malice ⚠️ if you aren't familiar with this command be careful as you can destroy your home directory or worse if you do a typo.

the reason for this is that is where the old config files are stored and malice doesn't overwrite those on a reinstall.

[blacktop]

also maybe you have to brew remove malice and then brew install https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb instead of trying to reinstall it?

[nakagit]

Yes, I removed .malice directory, using "rm -rf ~/.malice" command.

Then, what I did was:
brew reinstall https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb

So, next, I'll execute:

1. brew remove malice
2. brew install https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb

After that, I'll let you know results.

Many thanks,
YN

[nakagit]

After that, I run following step3 command:

3. malice elk
   INFO[0000] Elasticsearch Container Started env=development ip=localhost name="/malice-elk" port=[9200]
   INFO[0000] Waiting for Elasticsearch to come online. server="http://localhost:9200" timeout=10
   ERRO[0010] connecting to elasticsearch timed out timeout=10
   ERRO[0010] Get http://localhost:9200/: EOF
   ERRO[0010] Get http://localhost:9200/: EOF
   ERRO[0010] CreateContainer error = Error response from daemon: No command specified
   env=development
   ERRO[0010] StartContainer error = Error response from daemon: page not found
   env=development
   panic: runtime error: invalid memory address or nil pointer dereference
   [signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x144e328]

goroutine 1 [running]:
github.com/maliceio/malice/malice/docker/client/container.Start(0xc42038a810, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc420193300, 0x0, ...)
/private/tmp/malice-20170417-3326-15rlxnr/gopath/src/github.com/maliceio/malice/malice/docker/client/container/start.go:74 +0x468
github.com/maliceio/malice/malice/ui.Start(0xc42038a810, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
/private/tmp/malice-20170417-3326-15rlxnr/gopath/src/github.com/maliceio/malice/malice/ui/ui.go:32 +0x29e
github.com/maliceio/malice/commands.cmdELK(0xc4202e9400, 0x16bd55f, 0x4)
/private/tmp/malice-20170417-3326-15rlxnr/gopath/src/github.com/maliceio/malice/commands/elk.go:19 +0xdb
github.com/maliceio/malice/commands.glob..func4(0xc4202e9400, 0x0, 0xc4202e9400)
/private/tmp/malice-20170417-3326-15rlxnr/gopath/src/github.com/maliceio/malice/commands/commands.go:69 +0x4d
github.com/maliceio/malice/vendor/github.com/urfave/cli.HandleAction(0x15ccba0, 0x16e1e80, 0xc4202e9400, 0xc4201d3f00, 0x0)
/private/tmp/malice-20170417-3326-15rlxnr/gopath/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/app.go:485 +0xd4
github.com/maliceio/malice/vendor/github.com/urfave/cli.Command.Run(0x16bcde1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16cd706, 0x1e, 0x0, ...)
/private/tmp/malice-20170417-3326-15rlxnr/gopath/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/command.go:207 +0xb72
github.com/maliceio/malice/vendor/github.com/urfave/cli.(*App).Run(0xc420065520, 0xc42006c080, 0x2, 0x2, 0x0, 0x0)
/private/tmp/malice-20170417-3326-15rlxnr/gopath/src/github.com/maliceio/malice/vendor/github.com/urfave/cli/app.go:250 +0x7d0
main.main()
/private/tmp/malice-20170417-3326-15rlxnr/gopath/src/github.com/maliceio/malice/main.go:83 +0x470

Any comments or suggestion to mentions, what I can help.

Many thanks,
YN

[blacktop]

that is so strange you are still using the old config file? which should be in the ~/.malice/config.toml

[blacktop]

when you uninstall malice are you running:

brew uninstall malice
brew cleaup
brew prune
rm -rf ~/.malice
brew install https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb

[blacktop]

also you might want to clear out the stale docker containers

what does it display when you run

docker ps -a

[nakagit]

I'm afraid I couldn't uninstall malice.rb as following:
$brew uninstall https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb

curl: (22) The requested URL returned error: 404 Not Found
Error: Failure while executing: /usr/bin/curl --remote-time --location --user-agent Homebrew/1.1.12\ (Macintosh;\ Intel\ macOS\ 10.12.4)\ curl/7.51.0 --progress-bar --fail https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/formula/malice.rb -o /Users/naka/Library/Caches/Homebrew/Formula/malice.rb

[blacktop]

I apologize I corrected it above can you try those commands also have to cleared out stale docker containers? What did docker ps -a display?

[blacktop]

it might be easier to talk about this in the gitter chat room? here -> https://gitter.im/maliceio/malice

[nakagit]

$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
25314793a0c0 blacktop/elastic-stack:malice "/sbin/tini -- /us..." About a minute ago Up About a minute 80/tcp, 443/tcp, 5601/tcp, 9300/tcp, 0.0.0.0:9200->9200/tcp malice-elk

[blacktop]

oh wait, you probably need to clear out the malice volumes too

brew install docker-clean
docker-clean stop

[nakagit]

I did 2 commands:

$ brew install docker-clean
==> Using the sandbox
==> Downloading https://github.com/ZZROTDesign/docker-clean/archive/v2.0.4.tar.gz
==> Downloading from https://codeload.github.com/ZZROTDesign/docker-clean/tar.gz/v2.0.4
######################################################################## 100.0%
🍺 /usr/local/Cellar/docker-clean/2.0.4: 5 files, 32KB, built in 7 seconds

$ docker-clean stop
Stopping running containers...
Containers stopped: 1
Cleaning containers...
Stopped containers cleaned: 1
No images to delete!
Cleaning existing dangling volumes...
Volumes cleaned: 13
Removing empty networks...
Networks removed: 1

[blacktop]

okay now you have a clean docker instance

now can you once again (just to be sure) reinstall malice

brew uninstall malice
brew cleaup
brew prune
rm -rf ~/.malice
brew install https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb

[nakagit]

I found 1 error though:

$ brew uninstall malice
Uninstalling /usr/local/Cellar/malice/0.2.0-alpha... (4 files, 16.6MB)
$ brew cleaup
Error: Unknown command: cleaup
$ brew prune
$ rm -rf ~/.malice
$ brew install https://raw.githubusercontent.com/maliceio/malice/master/contrib/homebrew/Formula/malice.rb
######################################################################## 100.0%
==> Cloning https://github.com/maliceio/malice.git
Updating /Users/naka/Library/Caches/Homebrew/malice--git
==> Checking out revision 4513561
==> go get -v
==> go build -o /usr/local/Cellar/malice/0.2.0-alpha/bin/malice
==> Caveats
zsh completions have been installed to:
/usr/local/share/zsh/site-functions
==> Summary
🍺 /usr/local/Cellar/malice/0.2.0-alpha: 4 files, 16.6MB, built in 1 minute 6 seconds

[blacktop]

sorry typo: brew cleanup can you run this now

[blacktop]

then run malice -D elk please

[nakagit]

Thank you so much. I saw UI without any errors. :)

[nakagit]

You fixed the problem.

[blacktop]

haha I am glad we finally got the bottom of this 👍 I hope you enjoy malice

[nakagit]

$ malice -D elk
DEBU[0000] Malice config loaded from: /Users/naka/.malice/config.toml
DEBU[0000] Malice plugins loaded from plugins/bindata.go
DEBU[0000] Using 2 PROCS
DEBU[0000] Malice Version: 0.2.0-alpha
DEBU[0000] Running on Docker for Mac...
DEBU[0000] Connected to docker daemon client ip=localhost port=2375
DEBU[0000] Searching for Network: malice env=development
DEBU[0000] Network NOT Found: malice env=development
ERRO[0000] Network malice does not exist, creating now... env=development exisits=false network=malice
INFO[0000] Created Network: malice env=development name=malice
DEBU[0000] Searching for volume: malice env=development
DEBU[0000] Volume NOT Found: malice env=development
DEBU[0000] Volume malice not found.
INFO[0000] Created Volume: malice env=development
DEBU[0000] Volume malice found.
DEBU[0000] Searching for container: malice-elastic env=development
DEBU[0000] Container NOT Found: malice-elastic env=development
DEBU[0000] Searching for image: blacktop/elasticsearch:5.3 env=development
DEBU[0000] Image NOT Found: blacktop/elasticsearch:5.3 env=development
DEBU[0000] Pulling Image blacktop/elasticsearch:5.3 env=development exisits=false
5.3: Pulling from blacktop/elasticsearch
627beaf3eaaf: Pull complete
(SNIP)
INFO[0035] Elasticsearch came online after 14 seconds
DEBU[0036] Searching for Network: malice env=development
DEBU[0036] Network FOUND: malice env=development
DEBU[0036] Searching for volume: malice env=development
DEBU[0036] Volume FOUND: malice env=development
DEBU[0036] Volume malice found.
DEBU[0036] Searching for container: malice-kibana env=development
DEBU[0036] name: malice-kibana container.Name: malice-elastic
DEBU[0036] MATCH: false
DEBU[0036] Container NOT Found: malice-kibana env=development
DEBU[0036] Searching for image: blacktop/kibana:malice env=development
DEBU[0036] Image NOT Found: blacktop/kibana:malice env=development
DEBU[0036] Pulling Image blacktop/kibana:malice env=development exisits=false
malice: Pulling from blacktop/kibana
627beaf3eaaf: Already exists
2a59a1e54a66: Pull complete
58cdd4000043: Pull complete
8cd6b4bbf06a: Pull complete
41c65ab01d2a: Pull complete
Digest: sha256:d8ce72e7932211bad058a862153e447582d50b9544df98fd76f8eac0a982d16a
Status: Downloaded newer image for blacktop/kibana:malice
INFO[0056] Kibana Container Started env=development ip=localhost name="/malice-kibana" port=[443]

[nakagit]

I'll broadcast your fantastic tool!!!!

[blacktop]

😁