Alien Vault Reconfiguration

06 Apr 2020

Alienvault-reconfig creates the live configuration, loads the appropriate values, and makes sure all appropriate changes are made to dependent service configurations. Alienvault-reconfig command will initiate those changes, writing them to the appropriate configuration files and database fields and then hupping or restarting the appropriate services to load those changes.

Some of the options that can be pursued to troubleshoot and resolve this issue have been mentioned below:

Login to Alien Vault server using putty with “root” credentials.
After login, you will see the following screen.

alt text

Select the “Jailbreak System”
Click “Yes” or Press “Enter” from the keyboard and accept the “Jailbreak Commandline Notice” in next screen by clicking “Yes:”

alt text

This will give you a command line access to Alien Vault server and screen will be displayed as below.

alt text

Run the following command in the console and wait for this to complete. Command: alienvault-reconfig -c -v –d

alt text

If the above command ran successfully, wait for at least 5 minutes and refresh the Alien Vault Alarms page in browser.

alt text

If something is still wrong and you don’t see the alerts in the web GUI, then we need to pivot and try some other method. The next suggested step is a bit too much at this stage but will get you through the task. Click Here for the Event Level Troubleshooting or here for OSSIM agent troubleshoot if alarms are not coming.

Security Operations Center - Relative Security Relative Security

Alien Vault Reconfiguration

Related posts

MSSP Communication Plan 15 May 2020

Alien Vault - Backups 01 May 2020

Alien Vault - Configuration Backup 26 Apr 2020